Analysis of Inter-Module Error Propagation Paths in Monolithic Operating System Kernels

Operating Systems interact directly with the hardware, so they are prone to hardware errors. This is particularly true with monolithic kernels, where all subsystems and device drivers share the same execution domain. Even in systems that support kernel modules, components still run under the same privilege level as the main kernel. Module partitioning techniques to address error propagation do exist, but they impose a performance overhead from frequent domain switches when control flows from one module to another. This paper presents a technique to extract the relationship between kernel modules and to identify potential error propagation paths between them. We also suggest a technique to group modules with respect to the function they provide, so that the number of execution domains can be minimized while still maintaining error isolation between subsystems. Additionally, we provide an evaluation of the module grouping technique in respect to performance overhead and dependability for a simple isolation environment.