Recommendations for secure initialization routines in operating systems

Abstract

While a necessity of all operating systems, the code that initializes a system can be notoriously difficult to understand. This thesis explores the most common architectures used for bringing an operating system to its initial state, once the operating system gains control from the boot loader. Specifically, the ways in which the OpenBSD and Linux operating systems handle initialization are dissected. With this understanding, a set of threats relevant to the initialization sequence was developed. A thorough study was also made to determine the degree to which initialization code adheres to widely accepted software engineering principles. Based upon this threat analysis and the observed strengths and weaknesses of existing systems, a set of recommendations for initialization sequence architecture and implementation have been developed. These recommendations can serve as a guide for future operating system development.