April 27, 2009

Europe funds search for secure operating system

Dutch uni bags grant to find secure Windows and Linux alternative

By Jeremy Kirk, IDG news service

---

A Dutch university has landed a European Research Council grant to continue work on a Unix-type operating system that aims to be more reliable and secure than Linux or Microsoft Windows.

The €2.5 million (US$3.3 million) grant will fund three researchers and two programmers, said Andrew S. Tanenbaum, a computer science professor at Vrije Universiteit in the Netherlands.

Tanenbaum developed Minix, an operating system based somewhat on Unix that has a small code base and implements strong security controls.

The latest grant will allow further research into a making the operating system capable of fixing itself when a bug is detected, allowing computers to be a more reliable, Tanenbaum said.

"It irritates me to no end when software doesn't work," Tanenbaum said. "Having to reboot your computer is just a pain. The question is 'Can you make a system that actually works very well?'"

Software bugs will never be eliminated, Tanenbaum wrote in the project proposal. But operating system such as Windows and Linux are designed in ways that make them less reliable than they could be, he said.

For example, drivers for features such as sound and other peripheral components must be installed inside the operating system's kernel, or the computer's core code. If something goes wrong, it usually hangs up the machine.

Minix, however, is designed so drivers operate like applications outside of the kernel, which means if they crash, the computer will carry on, Tanenbaum said. The concept is called a "microkernel" rather than its opposite, a monolithic kernel.

In Tanenbaum's model, other components of the operating system will function in tightly constrained modules that can't interfere with one another if they fail. It also improves overall security.

A more secure operating system also leaves software vendors more accountable for software vulnerabilities. The expectations for software are much lower than for other industries, where a component failure such as a vehicle tire leads to recalls and law suits, Tanenbaum said.

But that liability could be assigned more easily if the software is less complex and more stable, he said.

"We want to make software that is very, very reliable," Tanenbaum said.

The funding will allow Minix research to continue for five more years.

Newsletters

Our Daily & Weekly Newsletters highlight breaking news, vital issues, expert analysis and solutions to help you stay ahead of developments in the industry.