Bibliography

[Ackerman 671 W. B. Ackerman and W. W. Plummer. An Implementation of a Multiprocessing Computer System. In Proceedings of the ACM Symposium on Operating System Principles. October 1967. [Almes 781 G. Almes and G. Robertson. An Extensible File System for . In Proceedings of 3rd International Conference on Software Engi- neering, pages 288-294. ACM, May 1978. [Almes 801 G. T. Almes. Garbage Collection in an Object-Oriented System. Ph.D. thesis, Carnegie-Mellon University, June 1980. [Bell 761 G. Bell and W. D. Strecker. Computer Structures: What Have We Learned From the PDP-ll? In Proceedings of the 3rd Annual Symposium on Computer Architecture, pages 1-14. January 1976. [Bennett 821 J. K. Bennett. A Comparison of Four Object-Oriented Systems. Tech- nical Report TR 82-11-03, Department of Computer Science, University of Washington, 1982. [Berstis 80a] V. Berstis. Security and Protection of Data in the IBM Systemi38. In Proceedings of the 7th Symposium ‘on Computer Architecture, pages 245-252. May 1980. [Berstis 80b] V. Berstis, C. D. Truxal and J. G. Ranweller. System/38 Address- ing and Authorization. In IBM System138 Technical Develop- ments. IBM GSD G580-0237-1, 1980. 207 Bibliography [Bierman 811 . M. Bierman. A Comparative Study of Network-Based Object-Ori- ented File Systems. Master’s thesis, University of Washington, 1981. [Birrell 781 A. D. Birrell and R. M. Needham. An Asynchronous GarbageCol- lector for the CAP Filing Systems. Operating Systems Review 12(2):31-33, April 1978. [Bishop 771 P. B. Bishop. Computer Systems with a Very Large Address Space and Garbage Collection. Ph.D. thesis, MIT, May 1977. [Brinch Hansen 781 P. B. Hansen. Distributed Processes:A Concurrent Programming Concept. Communications of the ACM 24(11):934-941, Novem- ber 1978. [Burroughs 611 The Descriptor-a Definition of the BSOOO Information Processing System. Burroughs Corporation, Detroit, Michigan, 1961. [Cohen 751 E. Cohen and D. Jefferson. Protection in the Hydra Operating Sys- tem. In Proceedings of the 5th Symposium on Operating Systems Principles, pages 141-160. November 1975. [Cohen 761 E. Cohen, W. Corwin, D. Jefferson, T. Lane, R. Levin, J. New- comer, F. Pollack, and W. Wulf. Hydra Kernel Reference Manual. Department of Computer Science, Carnegie-Mellon University, 1976. [Cook 78a] D. Cook. The Cost of Using the CAP Computer’s Protection Facili- ties. Operating Systems Review 12(l), April 1978. [Cook 78b] D. J. Cook. The Evaluation of a Protection System. Ph.D. thesis, University of Cambridge, 1978. [Cook 791 D. Cook. In Support of Domain Structure for Operating Systems. In Proceedings of the 7th Symposium on Operating Systems Princi- ples, pages 128-130. December 1979. [Cosserat 721 D. C. Cosserat. A Capability Oriented Multi-Processor System for Real-Time Applications. In Proceedings of the International Con- ference on Computer Communications. October 1972. [Cosserat 741 D. C. Cosserat. A Data Model Based on the Capability Protection Mechanism. In Proceedings of the International Workshop on Pro- 208 tection in Operating Systems. August 1974. [Cox 831 Bibliography G. W. Cox, W. M. Corwin, K. K. Lai, and F. J. Pollack. Inter- process Communication and Processor Dispatching on the Intel 432. ACM Transactions on Computer Systems l(l), February 1983. [Dahl 661 0. J. Dahl and K. Nygaard. Simula-An Algol-Based Simulation Language. Communications of the ACM 9(9), September 1966. [Dahlby 801 S. H. Dahlby, G. G. Henry, D. N. Reynolds, and P. T. Taylor. System/38-a High-Level Machine. In IBM System138 Technical Developments. IBM GSD G580-0237-1, 1980. [Denning 761 I?. J. Denning. Fault-Tolerant Operating Systems. Computing Sur- veys 8(4), December 1976. [Dennis 661 J. B. Dennis and E. C. Van Horn. Programming Semantics for Multiprogrammed Computations. Communications of the ACM 9(3), March 1966. [Dennis 801 T. D. Dennis. A Capability Architecture. Ph.D. thesis, Purdue Uni- versity, May 1980. [Dijkstra 781 E. W. Dijkstra, L. Lamport, A. M. Martin, C. S. Scholten, and E. F. M. Steffens. On-the-Fly Garbage Collection: An Exercise in Cooperation. Communications of the ACM 21(1l), November 1978. [DOD SO] Reference Manual for the Ada Programming Language. United States Department of Defense, 1980. [England 72a] D. M. Eng!and. Architectural Features of System 250. In Infotech State of the Art Report on Operating Systems. Infotech, 1972. [England 72b] D. M. England. Operating System of System 250. In Proceedings of International Switching Symposium. June 1972. [England 741 D. M. England. Capability Concept Mechanism and Structure in System 250. In Proceedingsof the International Workshop on Pro- tection in Operating Systems. August 1974. [Fabry 671 R. Fabry. A User’s View of Capabilities. In ICR Quarterly Report, pages Cl-C8. U. of Chicago Institute for Computer Research, November 1967. 209 Bibliography [Fabry 681 R. S. Fabry. Preliminary Description of a Supervisor for a Machine Oriented Around Capabilities. In ICR Quarterly Report, pages Bl-B97. U. of Chicago Institute for Computer Research, August 1968. [Fabry 711 R. S. Fabry. List-Structured Addressing. Ph.D. thesis, University of Chicago, March 1971. [Fabry 741 R. S. Fabry. Capability-Based Addressing. Communications of the ACM 17(7):403-412, July 1974. [Feustel 721 E. A. Feustel. The Rice ResearchComputer-A Tagged Architec- ture. In Proceedings of the Spring Joint Computer Conference, pages 369-377. IFIPS, 1972. [Feustel 731 E. A. Feustel. On the Advantages of Tagged Architectures. IEEE Transactions on Computers C-22(7):644-656, July 1973. [Fuller 781 S. H. Fuller and S. P. Harbison. The C.mmp Multiprocessor. Tech- nical Report, Department of Computer Science, Carnegie-Mel- lon University, 1978. [Gehringer 791 E. F. Gehringer. Variable-Length Capabilities as a Solution to the Small-Object Problem. In Proceedings of the 7th Symposium on Operating Systems Principles, pages 131-142. December 1979. [Gehringer 8 l] E. F. Gehringer and R. J. Chansler, Jr. STAROS User and System Structure Manual, Department of Computer Science, Carnegie- Mellon University, 1981. [Gehringer 821 E. F. Gehringer. Capability Architectures and Small Objects. UMI Research Press, 1982. [Goldberg 831 A. Goldberg and D. Robson. Smalltalk-80: The Language and Its Implementation. Addison-Wesley, 1983. [Goodenough 751 J. B. Goodenough. Exception Handling: Issues and a Proposed Notation. Communications of the ACM 18(12):683-696, Decem- ber 1975. [Graham 721 G. S. Graham and P. J. Denning. Protection-Principles and Prac- tice. In Proceedings of the SpringJoint Computer Conference, pages 210 417-429. 1972. [Halton 721 Bibliography D. Halton. Hardware of the System 250 for Communication Con- trol. In Proceedings of International Switching Symposium. June 1972. [Hamer-Hodges 721 K. J. Hamer-Hodges. Fault Resistance and Recovery Within Sys- tem 250. In Proceedings of the International Conference on Com- puter Communications. October 1972. . [Hamilton 791 J. Hamilton. Location Dependencies in Distributed Operating Sys- tems. In Proceedings of the Louisiana Computer Exposition. March 1979. [Hansen 821 I?. M. Hansen, M. A. Linton, R. N. Mayo, M. Murphy, and D. A. Patterson. A Performance Evaluation of the Intel iAPX 432. Computer Architecture News 10(4):17-26, June 1982. [Harrison 751 M. A. Harrison, W. L. RUZZO,and J. D. Ullman. On Protection in Operating Systems. In Proceedings of the 5th Symposium on Oper- ating Systems Principles, pages 14-24. November 1975. [Herbert 77a] A. J. Herbert, editor. CAP Hardware Manual. Computer Labora- tory, University of Cambridge, 1977. [Herbert 77b] A. J. Herbert, editor. CAP System Programmer’s Manual. Com- puter Laboratory, University of Cambridge, 1977. [Herbert 77~1 A. J. Herbert, editor. CAP Operating System Manual. Computer Laboratory, University of Cambridge, 1977. [Herbert 78a] A. J. Herbert. A New Protection Architecture for the Cambridge Capability Computer. Operating Systems Review 12(l), January 1978. [Herbert 78b] A. J. Herbert. A Microprogrammed Operating System Kernel. Ph.D. thesis, University of Cambridge, 1978. [Herbert 791 A. J. Herbert. A Hardware-Supported Protection Architecture. In D. Lanciaux, editor, Operating Systems. North Holland, 1979. [Hoare 741 C. A. R. Hoare. Monitors: An Operating System Structuring Con- cept. Communications of the ACM 17(10):549-557, October 1974. 271 Bibliography [Hoch 801 C. Hoch and J. C. Browne. An Implementation of Capabilities on the PDF’-11145. Operating Systems Review 14(3), July 1980. [Hoffman 801 R. L. Hoffman and F. G. Soltis. Hardware Organization of the Systemi38. In IBM System138 Technical Developments. IBM GSD G580-0237-1, 1980. [Houdek 801 M. E. Houdek and G. R. Mitchell. Translating a Large Virtual Address. In IBM System138 Technical Developments. IBM GSD G580-0237-1, 1980. [Houdek 811 M. E. Houdek, F. G. Soltis, and R. L. Hoffman. IBM System/38 Support for Capability-Based Addressing. In Proceedings of the 8th Symposium on Computer Architecture. ACM/IEEE, May 1981. w 74 HP 3000 Computer System Reference Manual. Hewlett-Packard Company, Cupertino, California, 1972. [IBM 801 IBM System138 Functional Reference Manual. IBM GA21-9331-3, 1982. [IBM 82a] IBM System138 Technical Developments. IBM GSD G580-0237-1, 1980. (A collection of 30 short papers on Systemi38). [IBM 82b] IBM System138 Functional Concepts Manual. IBM GA21-9330-1, 1982. [Iliffe 621 J. K. Iliffe and J. G. Jodeit. A Dynamic Storage Allocation Scheme. Computer Journal 5(3):200-209, October 1962. [Iliffe 681 J. K. Iliffe. Basic Machine Principles. American Elsevier, Inc., New York, 1968. [Iliffe 691 J. K. Iliffe. Elements of BLM. Computer Journal 12(3):251-258, August 1969. [Iliffe 821 J. K. Iliffe. Advanced Computer Design. Prentice/Hall Interna- tional, 1982. [Ingalls 781 D. H. H. Ingalls. The Smalltalk- Programming System Design and Implementation. In Proceedings of the 5th ACM Symposium 212 on Principles of Programming Languages. January 1978. [Ingalls 811 Bibliography D. H. H. Ingalls. Design Principles Behind Smalltalk. Byte 6(8), 1981. [Intel 811 iAPX 432 General Data Processor Architecture Reference Manual. Preliminary edition, Intel Corp., Aloha, Oregon, 1981. [Intel 821 iAPX 432 General Data Processor Architecture Reference Manual. Revision 3 (Advance Partial Issue) edition, Santa Clara, Califor- ma, 1982. [Jagannathan 801 A. Jagannathan. A Technique for the Architectural Implementa- tion of Software Subsystems. In Proceedings of the 7th Symposium on Computer Architecture, pages 236-244. May 1980. [Jensen 751 K. Jensen and N. Wirth. Pascal User Manual and Re$ort. Springer-Verlag, 1975. [ Jodeit 681 J. G. Jodeit. Storage Organization in Programming Systems. Com- munications of the ACM 1l( 1l), November 1968. [Jones 731 A. K. Jones. Protection in Programmed Systems. Ph.D. thesis, Car- negie-Mellon University, June 1973. [Jones 78a] A. K. Jones, R. J. Chansler, Jr., I. Durham, K. Schwans and S. R. Vegdahl. STAROS,A Multiprocessor Operating System for the Support of Task Forces. In Proceeding of the 7th Symposium on Operating Systems Principles, pages 117-127. December 1978. [Jones 78b] A. K. Jones. The Object Model: A Conceptual Tool for Structuring Software. In R. Bayer, R.M. Graham, and G. Seegmuller, (edi- tors), Operating Systems-AtqAdvanced Course. Springer-Verlag, 1978. [Jones 80a] A. K. Jones and E. F. Gehringer, editors. The Cm* Multiprocessor Project: A Research Review. Technical Report, Department of Computer Science, Carnegie-Mellon University, July 1980. [Jones 80b] A. K. Jones. Capability Architecture Revisited. Operating Systems Review 14(3), July 1980. [Kaehler 811 T. Kaehler. Virtual Memory for an Object-Oriented Language. Byte 6(8), August 1981. 213 Bibliography [Kahn 811 K. C. Kahn, W. M. Corwin, T. D. Dennis, H. D’Hooge, D. E. Hubka, L. A. Hutchins, J. T. Montague, and F. J. Pollack. iMAX: A Multiprocessor Operating System for an Object-Based Computer. In Proceedings of the 8th Symposium on Operating Sys- tem Principles. December 1981. [Krasner 8 l] G. Krasner. The Smalltalk- Virtual Machine. Byte 6(8), 1981. [Lampson 691 B. W. Lampson. Dynamic Protection Structures. In Proceedings of Fall Joint Computer Conference, pages 27-38. IFIPS, 1969. [Lampson 711 B. W. Lampson. Protection. In Proceedings of the Fifth Princeton Symposium on Information Sciences and Systems, pages 437-443. March 1971. Reprinted in Operating Systems Review, 8(l), Janu- ary 1974. [Lampson 761 B. W. Lampson and H. E. Sturgis. Reflections on an Operating System Design. Communications of the ACM 19(5):251-265, May 1976. [Lampson 801 B. W. Lampson and D. P. Redell. Experience with Processesand Monitors in Mesa. Communications of the ACM 23(2):105-117, February 1980. [Lazowska 8 l] E. D. Lazowska, H. M. Levy, G. T. Almes, M. J. Fischer, R. J. Fowler, and S. C. Vestal. The Architecture of the Eden System. In Proceedings of the 8th Symposium on Operating Systems Princi- ples. December 1981. [Levin 751 R. Levin, E. Cohen, W. Corwin, F. Pollack, and W. Wulf. Policy/ Mechanism Separation in Hydra. In Proceedings of the 5th Sympo- sium on Operating Systems Principles, pages 132-140. November 1975. [Levin 771 R. Levin. Program Structures for Exceptional Condition Handling. Ph.D. thesis, Carnegie-Mellon University, June 1977. Pw 811 H. M. Levy. A Comparative Study of Capability-Based Computer Architectures. Master’s thesis, University of Washington, 1981. [Linden 761 T. A. Linden. Operating System Structures to Support Security and Reliable Software. Computing Surveys 8(4), December 1976. [Liskov 771 274 B. Liskov, A. Snyder, R. Atkinson, and C. Schaffert. Abstraction Mechanisms in CLU. Communications of the ACM Bibliography 20(8):564-576, August 1977. [Liskov 79a] B. H. Liskov and A. Snyder. Exception Handling in CLU. IEEE Transactions on Software Engineering (6):546-558, October 1979. [Liskov 79b] B. Liskov, R. Atkinson, T. Bloom, E. Moss, C. Schaffert, B. Scheifler, and A. Snyder. CLU Reference Manual. Technical Report LCSiTR-225, MIT, October 1979. [Luniewski 791 A. W. Luniewski. The Architecture of an Object Based Personal Com- puter. Ph.D. thesis, MIT, 1979. [MIT 711 PDP-1 Computer Instruction Manual, Part S-MTA’s and IVK’s. Electrical Engineering Department Document PDP-35-1, MIT, Cambridge, Mass., 1971. [Morris 73a] J. H. Morris, Jr., Types Are Not Sets. In Symposzum on the Princi- ples of Programming Languages, pages 120-121. October 1973. [Morris 73b] J. H. Morris, Jr. Protection in Programming Languages. Communi- cations of the ACM 16(1):15-21, January 1973. [Myers 801 G. J. Myers and B. R. S. Buckingham. A Hardware Implementa- tion of Capability-Based Addressing. Operating Systems Review 14(4), October 1980. [Myers 821 G. J. Myers. Advances in Computer Architecture, Second Edition. John Wiley & Sons, 1982. [Needham 721 R. M. Needham. Protection Systems and Protection Implementa- tions. In Proceedings of the FallJoint Computer Conference, pages 571-578. 1972. [Needham 741 R. M. Needham and M. V. Wilkes. Domains of Protection and the Management of Processes. The Computer Journal 17(2), 1974. [Needham 77a] R. M. Needham and R. D. H. Walker. The Cambridge CAP Com- puter and its Protection System. In Proceedings of the 6th Sympo- sium on Operating System Principles, pages l-10. November 1977. [Needham 77b] R. M. Needham. The CAP Project-an Interim Evaluation. In Proceedings of the 6th Symposium on Operating System Principles, pages 17-22. November 1977. 215 Bibliography [Needham 77~1 R. M. Needham and A. D. Birrell. The CAP Filing System. In Proceedings of the 6th Symposium on Operating System Principles, pages 11-16. November 1977. [Organick 831 E. I. Organick. A Programmer’s View of the Intel 432 System. McGraw-Hill, 1983. [Ousterhout 80a] J. K. Ousterhout, D. A. Scelza, and P. S. Sindhu. Medusa: An Experiment in Distributed Operating System Structure. Commu- nications of the ACM 23(2), February 1980. [Ousterhout 80b] J. K. Ousterhout. Partitioning and Cooperation in a Distributed Mul- tiprocessor Operating System: Medusa. Ph.D. thesis, Carnegie- Mellon University, April 1980. parnas 721 D. L. Parnas. On The Criteria To Be Used In Decomposing Sys- tems Into Modules. Communications of the ACM 15(12), Decem- ber 1972. [Pashtan 821 A. Pashtan. Object Oriented Operating Systems: An Emerging Design Methodology. In Proceedings of ACM 82, pages 126-131. October 1982. [Pinnow 801 K. W. Pinnow, J. G. Ranweller, and J. F. Miller. System/38 Ob- ject-oriented Architecture. In IBM System138 Technical Develop- ments. IBM GSD G580-0237-1, 1980. JPollack 8 l] F. J. Pollack, K. C. Kahn, and R. M. Wilkinson. The iMAX- Object Filing System. In Proceedings of the 8th Symposium on Operating System Principles. December 1981. [Pollack 821 F. J. Pollack, G. W. Cox, D. W. Hammerstrom, K. C. Kahn, K. K. Lai, and J. R. Rattner. Supporting Ada Memory Manage- ment in the iAPX-432. In Proceedings of the Symposium on Archi- tectural Support for Programming Languages and Operating Sys- tems, pages 117-131. March 1982. pattner 8 l] J. Rattner and W. W. Lattin. Ada Determines Architecture of 32- bit Microprocessor. Electronics 54(4), February 24, 1981. pedell 74a] D. D. Redell. Naming and Protection in Extendible Operating Sys- tems. Ph.D. thesis, University of California, Berkeley, Septem- 216 ber 1974. Available also as MIT project MAC TR-140. [Redell 74b] Bibliography D. Redell and R. Fabry. Selective Revocation of Capabilities. In International Workshop on Protection in Operating Systems. IRIA, August 1974. [Saltzer 741 J. H. Saltzer. Protection and the Control of Information Sharing in Multics. Communications of the ACM 17(7):388-402, July 1974. [Saltzer 751 J. H. Saltzer and M. D. Schroeder. The Protection of Information in Computer Systems. Proceedings of the IEEE 63(9), September 1975. [Shepherd 681 J. H. Shepherd. Principal Design Features of the Multi-Computer. In ICR Quarterly Report, pagesCl-C13. U. of Chicago Institute for Computer Research, November 1968. [Snyder 791 A. Snyder. A Machine Architecture to Support an Object-Oriented Language. Ph.D. thesis, MIT, March 1979. [Soltis 791 F. G. Soltis and R. L. Hoffman, Design Considerations for the IBM Systemi38. In Proceedings of Compcon 79. Spring 1979. [Soltis 811 F. G. Soltis. Design of a Small Business Data Processing System. Computer, September 1981. [Spier 731 M. J. Spier, T. N. Hastings, and D. N. Cutler. An Experimental Implementation of the Kernel/Domain Architecture. In Proceed- ings of the Fourth Symposium on Operating System Principles, pages 8-21. October 1973. [Sturgis 741 H. E. Sturgis. A Postmortem for a Timesharing System. Ph.D. thesis, University of California, Berkeley, 1974. Reprinted as Xerox Part report CSL-74-l. [Swan 781 R. J. Swan. The Switching Structure and Addressing Architecture of an Extensible Multiprocessor: Cm*. Ph.D. thesis, Carnegie-Mellon University, August 1978. [Walker 731 R. D. H. Walker. The Structure of a Well-Protected Computer. Ph.D. thesis, University of Cambridge, 1973. [Wilkes 681 M. V. Wilkes. Time-Sharing Computer Systems. American Elsevier, Inc., New York, 1968. 217 Bibliography [Wilkes 791 M. V. Wilkes and R. M. Needham. The Cambridge CAP Computer and its Operating System. North Holland, New York, 1979. [Wilkes 821 M. V. Wilkes. Hardware Support for Memory Protection. In Pro- ceedings of the Symposium on Architectural Support for Program- ming Languages and Operating Systems, pages 107-l 16. March 1982. mulf 74a] W. Wulf, E. Cohen, W. Corwin, A. Jones, R. Levin, C. Pierson, and F. Pollack. Hydra: The Kernel of a Multiprocessor Operat- ing System. Communications of the ACM 17(6), June 1974. JWulf 74b] W. A. Wulf. Alphard: Toward a Language to Support Structured Pro- grams. Technical Report, Carnegie-Mellon University, Computer Science Department, 1974. DJoulf 751 W. Wulf, R. Levin, and C. Pierson. Overview of the Hydra Oper- ating System Development. In Proceedings of the Fifth Symposium on Operating Systems Principles, pages 122-13 1. November 1975. [Wulf 781 W. A. Wulf, and S. P. Harbison. Reflections in a Pool of Proces- sors: An Experience Report on Cmmp. In 1978 National Com- 1 purer Conference. AFIPS Press, 1978. [Wulf 811 W. A. Wulf, R. Levin, and S. P. Harbison. HYDRAlC.mmp: An Experimental Computer System. McGraw-Hill, New York, 1981. [Yngve 681 V. H. Yngve. The Chicago Magic Number Computer. In ZCR Quarterly Report, pages Bl-B20. U. of Chicago Institute for Computer Research, November 1968. [Zeigler 811 S. Zeigler, N. Allegre, R. Johnson, and J. Morris. Ada for the Intel 432 Microcomputer. Computer 14(6):47-56, June 1981.

218