In this paper, we discuss the architecture of a modular UNIX-compatible operating system, MINIX 3, that provides reliability beyond that of most other systems. With nearly the entire operating system running as a set of user-mode servers and drivers atop a minimal kernel, the system is fully compartmentalized. By moving most of the code to unprivileged user-mode processes and restricting the powers of each one, we gain proper fault isolation and limit the damage bugs can do. Moreover, the system has been designed to survive and automatically recover from failures in critical modules, such as device drivers, transparent to applications and without user intervention. We used this new design to develop a highly reliable, open-source, POSIXconformant member of the UNIX family. The resulting system is freely available and has been downloaded over 75,000 times since its release.
Jorrit N. Herder, Herbert Bos, Ben Gras, Philip Ho