Multics

Multics
Developer MIT, GE, Bell Labs
Written in PL/1, Assembly language[1]
Working state Mature, Historic
Source model Open source
Initial release 1969
Available in English
Platforms GE-645 mainframes, Honeywell 6180 series machines
Kernel type Monolithic kernel
Default user interface Command line interface
License Originally proprietary,
Open-source Multics License since 2007[2][3]
Official website Multicians,
Multics Internet Server

Multics (Multiplexed Information and Computing Service) is an influential early time-sharing operating system, based around the concept of a single-level memory. Virtually all modern operating systems are heavily influenced by Multics; often through Unix, either directly (Linux, macOS) or indirectly (Microsoft Windows).

Overview

Initial planning and development for Multics started in 1964, in Cambridge, Massachusetts. Originally it was a cooperative project led by MIT (Project MAC with Fernando Corbató) along with General Electric and Bell Labs. Bell Labs pulled out in 1969, and in 1970 GE's computer business including Multics was taken over by Honeywell.

Multics was conceived as a commercial product for GE, and became one for Honeywell, but not a very successful one. Due to its many novel and valuable ideas, Multics had a significant impact in the computer field even though it was derided by some critics at the time.[4]

Multics had numerous features intended to ensure high availability so that it would support a computing utility similar to the telephone and electricity utilities. Modular hardware structure and software architecture were used to achieve this. The system could grow in size by simply adding more of the appropriate resource—computing power, main memory, disk storage, etc. Separate access control lists on every file provided flexible information sharing, but complete privacy when needed. Multics had a number of standard mechanisms to allow engineers to analyze the performance of the system, as well as a number of adaptive performance optimization mechanisms.

Novel ideas

Multics implemented a single-level store for data access, discarding the clear distinction between files (called segments in Multics) and process memory. The memory of a process consisted solely of segments that were mapped into its address space. To read or write to them, the process simply used normal Central processing unit (CPU) instructions, and the operating system took care of making sure that all the modifications were saved to disk. In POSIX terminology, it was as if every file was mmap()ed; however, in Multics there was no concept of process memory, separate from the memory used to hold mapped-in files, as Unix has. All memory in the system was part of some segment, which appeared in the file system; this included the temporary scratch memory of the process, its kernel stack, etc.

One disadvantage of this was that the size of segments was limited to 256 kilowords, giving just over 1 MiB. This was due to the particular hardware architecture of the machines on which Multics ran, having a 36-bit word size (not using the 8-bit byte). Extra code had to be used to work on files larger than this, called multisegment files. In the days when one megabyte of memory was prohibitively expensive, and before large databases and later huge bitmap graphics, this limit was rarely encountered.

Another major new idea of Multics was dynamic linking, in which a running process could request that other segments be added to its address space, segments which could contain code that it could then execute. This allowed applications to automatically use the latest version of any external routine they called, since those routines were kept in other segments, which were dynamically linked only when a process first tried to begin execution in them. Since different processes could use different search rules, different users could end up using different versions of external routines automatically. Equally importantly, with the appropriate settings on the Multics security facilities, the code in the other segment could then gain access to data structures maintained in a different process.

Thus, to interact with an application running in part as a daemon (in another process), a user's process simply performed a normal procedure-call instruction to a code segment to which it had dynamically linked (a code segment that implemented some operation associated with the daemon). The code in that segment could then modify data maintained and used in the daemon. When the action necessary to commence the request was completed, a simple procedure return instruction returned control of the user's process to the user's code.

The single-level store and dynamic linking are still not available to their full power in other widely used operating systems, despite the rapid and enormous advance in the computer field since the 1960s. They are becoming more widely accepted and available in more limited forms, for example, dynamic linking.

Multics also supported extremely aggressive on-line reconfiguration: central processing units, memory banks, disk drives, etc. could be added and removed while the system continued operating. At the MIT system, where most early software development was done, it was common practice to split the multiprocessor system into two separate systems during off-hours by incrementally removing enough components to form a second working system, leaving the rest still running the original logged-in users. System software development testing could be done on the second machine, then the components of the second system were added back onto the main user system, without ever having shut it down. Multics supported multiple CPUs, it was one of the earliest multiprocessor systems.

Multics was the first major operating system to be designed as a secure system from the outset. Despite this, early versions of Multics were broken into repeatedly.[5] This led to further work that made the system much more secure and prefigured modern security engineering techniques. Break-ins became very rare once the second-generation hardware base was adopted; it had hardware support for ring-oriented security, a multilevel refinement of the concept of master mode.

Multics was the first operating system to provide a hierarchical file system,[6][7] and file names could be of almost arbitrary length and syntax. A given file or directory could have multiple names (typically a long and short form), and symbolic links between directories were also supported. Multics was the first to use the now-standard concept of per-process stacks in the kernel, with a separate stack for each security ring. It was also the first to have a command processor implemented as ordinary user code – an idea later used in the Unix shell. It was also one of the first written in a high-level language (Multics PL/I), just after the Burroughs MCP system written in ALGOL.[1]

Project history

Multics was developed initially for the GE-645 mainframe, a 36-bit system; later, it was supported on the Honeywell 6180 series machines. "With Multics they tried to have a much more versatile and flexible operating system, and it failed miserably," said Dr. Peter H. Salus,[8] author of the definitive history of Unix's early years.[9] This position, however, has been widely discredited in the computing community as many of the technical innovations of the Multics project have found their way into modern commercial computing systems.[4]

Bell Labs pulled out of the project in 1969; some of the people who had worked on it there went on to create the Unix system. Multics development continued at MIT and General Electric.

In 1970, Honeywell bought General Electric's computer division, released a better hardware base, and continued system development until 1985. About 80 multimillion-dollar sites were installed, at universities, industry, and government sites. The French university system had quite a few installations in the early 1980s. After Honeywell stopped supporting Multics, users migrated to other systems, including Unix.

In 1985, Multics was issued certification as a B2 level secure operating system using the Trusted Computer System Evaluation Criteria from the National Computer Security Center (NCSC) a division of the NSA, the first operating system evaluated to this level.

Multics was distributed from 1975 to 2000 by Groupe Bull in Europe, and by Bull HN Information Systems Inc. in the United States. In 2006, Bull SAS open sourced Multics versions MR10.2, MR11.0, MR12.0, MR12.1, MR12.2, MR12.3, MR12.4 & MR12.5.[10]

The last known Multics installation running natively on Honeywell hardware was shut down on October 30, 2000, at the Canadian Department of National Defence in Halifax, Nova Scotia, Canada.[11]

Retrospective observations

The permanently resident kernel of this powerful multiprocessor mainframe computing utility, much derided in its day as being too large and complex, was only 135 KiB of code. The first MIT GE-645 had 512 kilowords of memory (2 MiB), a truly enormous amount at the time, and the kernel only used a moderate portion of Multics main memory.

The entire system, including the operating system and the complex PL/1 compiler, user commands, and subroutine libraries, consisted of about 1500 source modules. These averaged roughly 200 lines of source code each, and compiled to produce a total of roughly 4.5 MiB of procedure code, which was fairly large by the standards of the day.

Multics compilers generally optimised more for code density than CPU performance, for example using small sub-routines called operators for short standard code-sequences, making direct comparison of object code size with more modern systems less useful. High code density was a good optimisation choice for a multi-user system with expensive main memory, such as Multics.

Current status

In 2006 Bull HN released the source code for MR12.5, the final 1992 Multics release, to MIT.[12] Most of the system is now available as Open-source software with the exception of some optional pieces such as TCP/IP.[13]

In 2014 Multics was successfully run on current hardware using a simulator. Work on the project is ongoing.[14]

Influence on other projects

UNIX

The design and features of Multics greatly influenced the Unix operating system, which was originally written by two ex-programmers from the older project, Ken Thompson and Dennis Ritchie. Superficial influence of Multics on Unix is evident in many areas, including the naming of some commands. But the internal design philosophy was quite different, focusing on keeping the system small and simple, and so correcting some deficiencies of Multics because of its high resource demands on the limited computer hardware of the time.

The name Unix (originally Unics) is itself a pun on Multics. The U in Unix is rumored to stand for uniplexed as opposed to the multiplexed of Multics, further underscoring the designers' rejections of Multics' complexity in favor of a more straightforward and workable approach for smaller computers. (Garfinkel and Abelson[15] cite an alternative origin: Peter Neumann at Bell Labs, watching a demonstration of the prototype, suggested the name/pun UNICS (pronounced "Eunuchs"), as a "castrated Multics", although Dennis Ritchie is claimed to have denied this.[16])

Ken Thompson, in a transcribed 2007 interview with Peter Seibel[17] refers to Multics as "...overdesigned and overbuilt and over everything. It was close to unusable. They (i.e., Massachusetts Institute of Technology) still claim it’s a monstrous success, but it just clearly wasn't." He admits, however, that "the things that I liked enough (about Multics) to actually take were the hierarchical file system and the shell—a separate process that you can replace with some other process."

Other operating systems

The Prime Computer operating system, PRIMOS, was referred to as "Multics in a shoebox" by William Poduska, a founder of the company. Poduska later moved on to found Apollo Computer, whose AEGIS and later Domain/OS operating systems, sometimes called "Multics in a matchbox", extended the Multics design to a heavily-networked graphics workstation environment.

The Stratus VOS operating system of Stratus Computer (now Stratus Technologies) was very strongly influenced by Multics, and both its external user interface and internal structure bear many close resemblances to the older project. The high-reliability, availability, and security features of Multics were extended in Stratus VOS to support a new line of fault tolerant computer systems supporting secure, reliable transaction processing. Stratus VOS is the most directly-related descendant of Multics still in active development and production usage today.

The protection architecture of Multics, restricting the ability of code at one level of the system to access resources at another, was adopted as the basis for the security features of ICL's VME operating system.


See also

References

  1. 1 2 The Multics PL/1 Compiler R. A. Freiburghouse, General Electric Company, Cambridge, Massachusetts, 1969.
  2. http://opensource.org/licenses/Multics
  3. Myths about Multics: Myth: Multics was closed source
  4. 1 2 Myths about Multics
  5. Tom Van Vleck (2002). "How the Air Force cracked Multics Security".
  6. Multicians Glossary: File system
  7. R. C. Daley and P. G. Neumann, A general-purpose file system for secondary storage, AFIPS '65 (Fall, part I) Proceedings of the November 30 – December 1, 1965
  8. "40 years of Unix". BBC News. August 20, 2009. Retrieved May 13, 2010.
  9. Salus, Peter H. (1994). A quarter century of UNIX (Reprinted with corrections Jan. 1995. ed.). Reading, Mass.: Addison-Wesley Pub. Co. ISBN 978-0-201-54777-1.
  10. Multics history MIT
  11. "Multics History Dates". Retrieved 2015-09-13. Shutdown of DND-H (17:08Z 10/30/00)
  12. Van Vleck, Tom. "Open Source for Multics". Multicians.org. Retrieved April 11, 2016.
  13. Anthony, Charles. "(email) Re: [dps8m-developers] Multiprocessor and/or networked Multics". Sourceforge.net. Retrieved April 11, 2016.
  14. "RingZero - Multics reborn". WikidotCom. Retrieved April 11, 2015.
  15. Garfinkel, Simson and Abelson, Harold. Architects of the Information Society: Thirty-Five Years of the Laboratory for Computer Science at MIT. MIT Press, 1999. ISBN 978-0262071963
  16. Karn, Phil (1981-10-28). "Origins of unix". Newsgroup: fa.unix-wizards. Usenet: [email protected]. Retrieved 2014-04-11.
  17. Peter Seibel. Coders at Work: Reflections on the Craft of Programming. APress Publications, 2007. ISBN 978-1-4302-1948-4

Further reading

The literature contains a large number of papers about Multics, and various components of it; a fairly complete list is available here.[1] The most important and/or informative ones are listed below.

Technical details

Security

  1. http://www.multicians.org/biblio.html
This article is issued from Wikipedia - version of the 12/3/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.