▶ 2.2 Programs and Processes
To make the most out of our computers, we run as many programs simultaneously as possible. When drafting a report or paper, people often run a word processor in one window and a web browser in the other. We rely on the operating system (OS) to run the processes for us and to make sure that our keystrokes and mouse clicks go to the correct program. Most systems fall into two categories: Windows-based systems and Unix-based systems. The Windows-based systems were developed by Microsoft. Unix-based systems include the many variants of Linux, Sun’s Solaris operating system, Google’s Android, IBM’s AIX, and both Apple’s iOS and MacOS (formerly called OS X).
Originally, people operated computers by typing individual commands to the operating system or to application programs using the computer’s keyboard. When Microsoft first sold an operating system for desktop computers, it called it the Microsoft Disk Operating System (MS-DOS). On Unix-based systems, users typed commands into a program to handle keyboard commands called a shell. Today, any program that handles the operating system’s keyboard commands may be called a shell.
In modern graphics-oriented computers, many keyboard commands became drop-down menu items. However, most systems still provide a command shell to interpret keyboard commands. This is because some commands are rarely used by less-sophisticated users, and programmers never bothered to create a graphical user interface (GUI) for it. When we run the “cmd” program on Microsoft Windows, it starts up the MS-DOS shell.
FIGURE 2.5 shows two windows running the MS-DOS shell. Each window is in fact executing slightly different commands. Although both are running the same “cmd” program, each represents a separate process inside the computer. Each process has its own, separate RAM and program counter, even if it executes the same program as another process.
FIGURE 2.5 Running two processes at once.
Used with permission from Microsoft.
If we type a command to print out a long file in each window, we may see the output scroll past on both windows simultaneously. Although it may look as if the processes are running windows simultaneously, they may in fact be taking turns. Each turn may last for a few thousandths of a second. The switching happens so fast that we don’t see the processes take turns.
We call this type of sharing multitasking. Modern computers have special circuits in their CPUs to support multitasking. Modern operating systems have special multitasking software to manage these circuits and implement the sharing. Even when a computer lacks multiple CPUs or “cores,” the operating system can keep several programs active at once.
If a computer contains only a single CPU, it’s impossible to execute more than one program at a time. Instead, the operating system makes the programs take turns with the CPU. Each “running” program gets to use the CPU for a fraction of a second, or until it reaches a point where it must await an I/O operation. Then the operating system turns the CPU over to another program.
Process switching happens so quickly that we can’t tell that programs are taking turns. This produces an “illusion of parallelism” because it appears as if the programs are running simultaneously.
2.2.1 Switching Between Processes
To switch between two processes, the operating system maintains a collection of data called the process state. This includes the program’s RAM contents (control and data sections), plus the program counter and other data the program was using inside the CPU. When a particular process is actually executing, the CPU contains its program counter. The instructions contained in the executing program point at data in the program’s own data section.
A process “loses” the CPU either because its time is up or because it must wait for something, like a keystroke or other I/O operation. When this happens, the operating system “dispatches” a different process. Taking the following steps, the operating system:
Saves the program counter for the stopped process in its process state
Saves any other CPU data that belongs to the process in its process state
Locates the process state for the next process to run
Loads the CPU with the data needed to resume the next process
Loads the program counter for the next process into the CPU once all other data is loaded and ready; this resumes the next process
Section 2.7 describes the dispatching process in detail. It also provides an example of how to describe a program’s security controls.
Observing Active Processes
Most operating systems can display the system’s activity by listing the currently active processes. FIGURE 2.6 provides part of such a list, produced using the Unix keyboard command ps on Apple’s MacOS.
FIGURE 2.6 A partial list of processes displayed by the Unix ps command.
Courtesy of Dr. Richard Smith.
The right column lists the running programs by identifying the executable file (some names are truncated). The left column lists the identity of the user or system entity that is running the program. User programs belong to user “rick,” while other programs belong to system identities, including “root” and “super.” The PID column shows the process identifier, a numerical code assigned to the process; certain keyboard commands may use the PID to select a process to control. Other columns give execution times and the percentage of CPU and RAM granted to that process.
The ps command works on most Unix-based systems, including MacOS. The Macintosh also has a graphics-oriented “System Monitor” application. Microsoft Windows provides a similar graphical display using its Task Manager.
2.2.2 The Operating System
When we start, stop, or monitor processes on a computer, we rely on the operating system to do all of the work. The fundamental job of every operating system is to run programs, and this relies on certain basic functions:
■ Process management—keep the CPU busy by giving it processes to run.
■ RAM management—assign RAM to active processes and manage unused RAM to assure that it’s not wasted.
■ I/O management—make it easy for programs to use I/O devices through a uniform programming interface, and make it easy for computer owners to add or replace I/O devices.
These three functions appear in every operating system, from simple ones on the most basic cell phones to highly complex ones on the most sophisticated interactive desktops.
All operating systems provide a uniform application programming interface (API) through which programs can request specific services. For example, a program can request additional RAM, which might be provided as an increased size to its existing data section or as an additional, separate data section. More sophisticated operating systems, including modern Windows and Unix derivatives, allow one process to tell the operating system to start another process.
I/O System
The I/O system has a difficult job. The operating system must provide a uniform programming interface for using the keyboard, display, printer, hard drive, and any other device the user buys and wants to attach. When a program sends data to the computer’s printer, the program often doesn’t care who built the printer, whether it is ink jet or laser, or even whether it’s black and white or color. It’s up to the operating system to match these different printers to our application programs. The same problem arises when we connect cameras, cell phones, and other complex devices to our computers.
Operating systems address this problem with device drivers, specialized procedures that convert an application program’s requests into a form that the particular device understands. When we install a new device, the operating system often installs a special device driver to work with that device. These drivers are written specifically for the device and provided to its customers. Each driver is tailored for the particular operating system and for the particular device.
We examine device drivers further in Chapter 5.
Many operating systems, especially modern desktop systems, add three major components atop the I/O system:
File management—provides a special I/O interface to the hard drive, flash drive, or other external storage to make data easy to find and update; also manages free space on the drive to ensure that there is room for new files. The OS also provides access controls (see Chapters 3 through 5).
User interface—manages the keyboard and displays I/O to provide a way to give commands and receive responses from the operating system. On larger systems, this involves the modern GUI with a mouse, windows, menus, and other typical elements.
Network protocol process—manages network I/O to provide standard, internet-oriented network services (see Chapter 10).
Mobile Operating Systems
Traditional laptop and desktop computers include a set of well-established security mechanisms. When processes start and run, security mechanisms keep them from hogging the CPU or damaging each other’s RAM. The GUI also keeps processes from modifying each other’s windows on the video display. When users create files, they have the option of using them with almost any application, and of sharing them with other users on the computer. Users can often install any software they find for any purpose.
The two major mobile operating systems, Apple’s iOS and Google’s Android, take a different approach. Both systems run every application in a sandbox to prevent applications from sharing files or other resources, except when specifically permitted. For example, all eBooks available to a reading application are stored within that application’s sandbox. To read the same eBook in two different applications, the user must store a separate copy in each one.
The systems provide special controls to share data among applications. The API contains services to retrieve from important databases including the contacts list, photo library, music library, and calendar. Access requires that specific permissions be granted during application installation.
The separate sandboxes provide extra safety for applications that contain sensitive programs or data. Streaming video vendors actively protect their streams from interception. Other mobile applications can’t intercept such streams because the necessary resources are outside their sandboxes. This approach gives financial institutions higher confidence in transactions managed by a mobile application.