Singularity (operating system)


Singularity is an experimental operating system which was built by Microsoft Research between 2003 and 2010. It was designed as a high dependability OS in which the kernel, device drivers, and application software were all written in managed code. Internal security uses type safety instead of hardware memory protection.

Operation

The lowest-level x86 interrupt dispatch code is written in assembly language and C. Once this code has done its job, it invokes the kernel, which runtime system and garbage collector are written in Sing# and runs in unprotected mode. The hardware abstraction layer is written in C++ and runs in protected mode. There is also some C code to handle debugging. The computer's basic input/output system is invoked during the 16-bit real mode bootstrap stage; once in 32-bit mode, Singularity never invokes the BIOS again, but invokes device drivers written in Sing#. During installation, Common Intermediate Language opcodes are compiled into x86 opcodes using the Bartok compiler.

Security design

Singularity is a microkernel operating system. Unlike most historic microkernels, its components execute in the same address space, which contains software-isolated processes. Each SIP has its own data and code layout, and is independent from other SIPs. These SIPs behave like normal processes, but avoid the cost of task-switches.
Protection in this system is provided by a set of rules called invariants that are verified by static program analysis. For example, in the memory-invariant states there must be no cross-references between two SIPs; communication between SIPs occurs via higher-order communication channels managed by the operating system. Invariants are checked during installation of the application.
Most of the invariants rely on the use of safer memory-managed languages, such as Sing#, which have a garbage collector, allow no arbitrary pointers, and allow code to be verified to meet a given computer security policy.

Project status

Singularity 1.0 was completed in 2007. A Singularity Research Development Kit was released under a shared source license allowing academic non-commercial use, and is available from CodePlex. Version 1.1 was released in March 2007 and version 2.0 was released on November 14, 2008.

Similar projects