concept #Platform #Architecture #Security

Operating System

Core concept for managing hardware, processes and system resources while providing an abstraction layer for applications.

Established
High

Classification

  • High
  • Technical
  • Architectural
  • Advanced

Technical context

  • Virtualization platforms (e.g., KVM, VMware)
  • Container runtimes and orchestrators (e.g., Docker, Kubernetes)
  • Monitoring and observability tools

Principles & goals

  • Minimize attack surface via least privilege
  • Clearly defined abstraction layers between kernel and applications
  • Ensure determinism for time-critical tasks
Build
Enterprise, Domain, Team

Use cases & scenarios

Compromises

  • Kernel vulnerabilities can be exploited system-wide
  • Faulty scheduling policies can cause performance degradation
  • Complex upgrades can impact availability
  • Minimal kernel and package footprint to reduce attack surface
  • Automated configuration and reproducibility (IaC)
  • Regular security and performance testing

I/O & resources

  • Hardware platform or virtualization environment
  • Application requirements and workloads
  • Security and compliance requirements
  • Provision of a stable runtime environment
  • Interfaces for application development
  • Operational metrics and logs

Description

An operating system is the core system software that manages hardware resources, schedules processes, and provides an abstraction layer for applications. It handles memory management, filesystems, device drivers, and access control. Operating system architecture and interfaces shape application design, deployment practices, and operational reliability.

  • Efficient resource management and allocation
  • Isolation and protection of processes
  • Provision of standardized APIs and runtime environments

  • Complexity when adapting to specialized hardware
  • Driver and compatibility dependencies
  • Resource overhead on constrained devices

  • CPU utilization

    Measurement of average and peak CPU usage by processes and system services.

  • Memory usage and paging

    Observation of resident memory usage, swap usage and paging activity.

  • I/O latency

    Time to respond for disks, network interfaces or other block/char devices.

Linux kernel in production servers

Widespread use as a server OS, supported by package management, kernel modules and extensive drivers.

RTOS in industrial automation

Real-time operating systems provide deterministic behavior for control and sensor networks.

Mobile operating systems

Specialized systems with power management, sandboxes and permission models for mobile devices.

  1. Analyze requirements and choose an appropriate OS family
  2. Configure kernel parameters and security policies
  3. Test, set up monitoring and plan rollout

⚠️ Technical debt & bottlenecks

  • Legacy proprietary drivers without source builds
  • Manually maintained configuration changes outside IaC
  • Unapplied patches for known security vulnerabilities

  • I/O-bound
  • CPU contention
  • Memory management

  • Using a desktop OS as an unhardened server
  • Misconfiguring permissions that permit root access
  • Ignoring real-time requirements by choosing the wrong scheduler
  • Assuming driver stability without long-term tests
  • Complex live patches without a rollback plan
  • Insufficient observability of kernel and system metrics

  • Systems programming and kernel fundamentals
  • Operating system configuration and tuning
  • Security operations and hardening

  • Performance requirements and latency
  • Security and isolation requirements
  • Hardware support and driver ecosystem

  • Existing hardware architecture and driver availability
  • Real-time requirements or regulatory constraints
  • Legacy systems and backward compatibility