Summary: Approved for public release; distribution is unlimited.

Security engineering requires a combination of features and assurance to provide confidence that security policy is correctly enforced. Rigorous engineering principles are applicable across a broad range of systems. The purpose of this study is to analyze and compare three operating systems, including two general-purpose operating systems (Linux and OpenBSD) and a commercially available, embedded operating system (Talisker). The basis for the comparison considers secure software design principles, such as information hiding, hierarchical structuring, and modularity, as well as software complexity metrics, such as the McCabe Cyclomatic Complexity and the number-of-lines-of-code. In this analysis, we use a reverse engineering tool to show how the three operating systems compare to each other with respect to the qualities of a secure operating system design. The operating systems, their kernels, and their scheduling subsystems are analyzed and compared. From the results, it is shown that the OpenBSD operating system, kernel, and scheduler are the best when considering hierarchical structuring, modularity, and information hiding. The Linux kernel and scheduler and the Talisker operating system are least complex when considering the McCabe complexity and the number-of-lines-of-code.