CAP computer

The Cambridge CAP computer was the first successful experimental computer that demonstrated the use of security capabilities, both in hardware and software.[1] It was developed at the University of Cambridge Computer Laboratory in the 1970s. Unlike most research machines of the time, it was also a useful service machine.[1]

The CAP Computer as it currently stands in the Cambridge computer lab.

The sign currently on the front of the machine reads:

The CAP project on memory protection ran from 1970 to 1977. It was based on capabilities implemented in hardware, under M. Wilkes and R. Needham with D. Wheeler responsible for the implementation. R. Needham was awarded a BCS Technical Award in 1978 for the CAP (Capability Protection) Project.

Design

The CAP was designed such that any access to a memory segment or hardware required that the current process held the necessary capabilities.

Archive photo from 1979, showing the inside of the machine and its connection to the Cambridge Ring.

The 32-bit processor featured microprogramming control, two 256-entry caches, a 32-entry write buffer and the capability unit itself, which had 64 registers for holding evaluated capabilities. Floating point operations were available using a single 72-bit accumulator. The instruction set featured over 200 instructions, including basic ALU and memory operations, to capability- and process-control instructions.

Instead of the programmer-visible registers used in Chicago and Plessey System 250 designs, the CAP would load internal registers silently when a program defined a capability.[2] The memory was divided into segments of up to 64K 32-bit words. Each segment could contain data or capabilities, but not both. Hardware was accessed via an associated minicomputer.

All procedures constituting the operating system were written in ALGOL 68C, although a number of other closely associated protected procedures - such as a paginator - are written in BCPL.[3]

Operation

The CAP first became operational in 1976. A fully functional computer, it featured a complete operating system, file system, compilers, and so on. The OS used a process tree structure, with an initial process called the "Master coordinator". This removed the need for separate modes of operation, as each process could directly access the resources of its children. In practice, only two levels were ever used during the CAP's operation.[4]

gollark: I'll send you some samples.
gollark: Wow, VSCode is *fine* with editing this 8MB JSON file.
gollark: I forgot the URL.
gollark: ,flappy fly bird man?
gollark: We've lost WEEKS of soul harvesting data to bugginess.

See also

Notes

  1. Levy, p.96
  2. Levy, p. 79
  3. Wilkes and Needham, p. 32
  4. Levy, p. 81

References

  • Wilkes, M. V.; Needham, R. M. (1979). The Cambridge CAP Computer and Its Operating System (PDF). New York: Elsevier North Holland.
  • Levy, Henry M. (1984). "The Cambridge CAP Computer". Capability-Based Computer Systems (PDF). Digital Press.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.