principles, rules, hints and art of computer system …mobile/elec513/principle-02.pdfprinciples,...

Principles, rules, hints and art of computer system design

Lin Zhong

Guiding principles Acknowledgment of human limitation

Keep It Simple• When in doubt, use brute force

• time favors brute force

• When in doubt, leave it out

• adding a feature increases development effort disproportionally

• Avoid excessive generality

• If it’s good for everything, it’s good for nothing

Make it availableOpen design principle

Let anyone comment on the design; You need all the help you can get

Principles of Computer System Design by Salzter & Kaashoek

Linus’s Law

• “Given enough eyeballs, all bugs are shallow” —Linus Torvalds

How to structure your system

End to end principle• “ functions placed at low levels of a system may

be redundant or of little value when compared with the cost of providing them at that low level”

• functions: security, reliability, safety,…

End-to End Arguments in System Design by Saltzer, Reed and Clark, 1984

Separation of mechanism and policy

• Mechanism: access control & allocation of resources

• Policy: who has access and get what resources

Why separation?

• Policy changes faster

• Policy and mechanism require different privilege

• Policy and mechanism may come from different sources.

Separation of concerns

Separate interface from implementation

• Keep interface constant

Rule of Modularity• Write simple parts connected by clean interfaces

Robustness principle

• Be tolerant of inputs, strict on outputs


Digital Integrated Circuits © Prentice Hall 1995InverterInverter

The CMOS Inverter:A First Glance

VDD

Vin Vout

CL


CMOS Inverter VTC

Vout

Vin1 2 3 4 51

23

45

NMOS linPMOS off

NMOS satPMOS sat

NMOS offPMOS lin

NMOS satPMOS lin

NMOS linPMOS sat



VDD

Vin Vout

CL


The Regenerative Property

(a) A chain of inverters.

v0, v2, ...

v1, v3, ... v1, v3, ...

v0, v2, ...(b) Regenerative gate

f(v)

finv(v)

finv(v)

f(v)

(c) Non-regenerative gate

v0 v1 v2 v3 v4 v5 v6

...



VDD

Vin Vout

CL

The regenerative property of CMOS gates

Decouple modules with indirection

• Indirection supports replaceability


Decouple modules with indirection

• “All problems in computer science can be solved by another level of indirection”

• David Wheeler

• known as Fundamental theorem of software engineering

• “except for the problem of too many layers of indirection”

• Kevin Henney’s Corollary


Rule of Representation• Fold knowledge into the data so that program logic

can be stupid and robust

• “Data is more tractable than program logic. It follows that where you see a choice between complexity in data structures and complexity in code, choose the former. More: in evolving a design, you should actively seek ways to shift complexity from code to data.”

Booting Linux

• The old way (still the way on your PC): the kernel has the knowledge of the hardware

• The new way: the hardware knowledge is in the device tree (DTB). A generic kernel consults it

Checklist

About the development process

Rule of Optimization

• Prototype before polishing. Get it working before you optimize it.

Law of diminishing returns

• The more one improves some measure of goodness, the more effort the next improvement will require


Law of diminishing returnsGoodness

Effort

Law of diminishing returnsGoodness

Effort

It matters where you are on the curve?

Design for interaction

• You won’t get it right the first time, so make it easy to change


Rule of Extensibility• Design for the future, because it will be here sooner

than you think

Rule of Generation

• Avoid hand-hacking; write programs to write programs when you can

principles, rules, hints and art of computer system …mobile/elec513/principle-02.pdfprinciples,...

Documents