The Windows System

Windows is an operating system that allows users to run programs and manage computer files. It was first developed by Microsoft in 1985, and has since evolved into one of the most popular operating systems worldwide.

It also provides security features to protect computers and laptops from malware attacks. Windows supports various interface languages through Language Interface Packs, which are free to download and install for all editions of the OS.

System Architecture

The Windows system architecture is the core functionality that supports all types of applications on Microsoft’s operating systems. These include traditional desktop software, web applications, and mobile devices.

The older versions of Windows (up to Windows 3.11, not really considered Windows) used a simple graphical layer on top of MS-DOS. The newer versions, based on the NT kernel, use a sophisticated memory management system for physical (RAM) and virtual (disk) memory utilization.

It also manages hardware devices, provides an interface between the operating system and hardware, and implements higher-level services such as the Windows API. The kernel-mode drivers and the executive run in kernel mode, while user-mode programs and subsystems run in protected process address space. These programs cannot directly access hardware and system resources, but must ask the kernel-mode drivers to perform these operations on their behalf. The kernel also synchronizes activities among processors to optimize performance. This is referred to as scheduling.

Subsystems

The Windows system includes a number of subsystems that streamline and improve its functionality. These include the graphical user interface, which allows users to select menu items and click icons to navigate various applications. It also manages computer resources, such as CPU and memory, to complete tasks quickly and efficiently.

The environment subsystem is the interface between user-mode applications and operating system kernel functions. It is the main mechanism designed to support applications written for different OS architectures, including MS-DOS and OS/2. The integral subsystem looks after OS-specific functions on behalf of the environment subsystem, and consists of a security subsystem, a workstation service and a server service.

The Linux subsystem, which was introduced in Windows 10, enables developers to use familiar programming languages and tools such as grep and Python, and navigate the Linux file system. It includes a session manager to manage the Linux instance, pico processes to handle Linux system calls and a kernel-mode driver that emulates a pico device.

Kernel-Mode Drivers

Drivers provide low-level functions needed for actions that are beyond the direct capabilities of user-mode programs. Examples of these actions include interfacing with hardware, manipulating threads and processes, and network filtering. Because of the nature of these low-level functions, they must run with kernel privileges. A fault in a driver can bring down the entire operating system with a Blue Screen of Death (BSOD).

Driver programming is complex and requires techniques that are very different from those of user-mode software development. It is recommended that you familiarize yourself with the relevant documentation and research before moving forward with developing your own drivers.

A kernel-mode driver is typically contained within a driver package that includes an INF file, a catalog (.cat) file and any other files the driver may require. Microsoft requires that all driver packages be digitally signed with an EV or OV certificate obtained from a verified certificate authority, which helps defend against malicious drivers.
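As an added illustration (not code from the original page or from Microsoft), the following Python sketch checks the package layout described above: it reads the `[Version]` section of an INF and confirms that the catalog file it references is actually present in the package. The sample INF and file names are constructed, and the check covers structure only, not the validity of the signature.

```python
import re

# Constructed sample INF for a hypothetical driver package (not a real driver).
SAMPLE_INF = """\
; sample.inf - constructed for illustration
[Version]
Signature   = "$Windows NT$"
Provider    = "Example Corp"
CatalogFile = sample.cat   ; catalog that carries the package signature
DriverVer   = 01/01/2024,1.0.0.0
"""


def version_section(inf_text):
    """Return the key/value pairs of the INF [Version] section (keys lowercased)."""
    entries, in_version = {}, False
    for raw in inf_text.splitlines():
        # Simplification: treats every ';' as a comment start, even inside quotes.
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            in_version = header.group(1).strip().lower() == "version"
            continue
        if in_version and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip().strip('"')
    return entries


def check_package(inf_text, package_files):
    """List problems with the catalog reference; an empty list means none found."""
    version = version_section(inf_text)
    present = {name.lower() for name in package_files}
    # CatalogFile may also carry a platform suffix, e.g. CatalogFile.NTamd64.
    catalogs = {k: v for k, v in version.items()
                if k == "catalogfile" or k.startswith("catalogfile.")}
    if not catalogs:
        return ["[Version] has no CatalogFile entry: no catalog is referenced"]
    return [f"{key} references {name}, which is missing from the package"
            for key, name in catalogs.items() if name.lower() not in present]


if __name__ == "__main__":
    print(check_package(SAMPLE_INF, ["sample.inf", "sample.sys", "sample.cat"]))
    print(check_package(SAMPLE_INF, ["sample.inf", "sample.sys"]))
```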

Hardware Abstraction Layer

The hardware abstraction layer is a piece of software that hides differences in the hardware from the kernel and user-mode components. This is a key component of the Windows operating system and allows applications to access hardware devices in a consistent manner regardless of the hardware type or manufacturer.

It also provides the foundation for application-level recursion, threading, and multiprocessor support. This architecture also provides the common base for all types of applications, including desktop software, web apps, and mobile applications.

While many hardware platforms have a HAL, each one is specialised for particular hardware, and each platform has different requirements in the way that its hardware modules communicate with the CPU using a set of instruction and data registers. This HAL is implemented in a variety of ways, and each Windows version is distributed with a selection of HALs that are differentiated from each other by the last letter of their filename (dl_ or ex_).

Developers can interact directly with the HAL through routines in the HAL library. However, doing so is generally discouraged because this is reverse engineering and can cause compatibility problems.