A1.3.2 Describe the functions of an operating system.

The big idea

An operating system’s functions are the concrete services that put its resource-management role into practice. Where the role (A1.3.1) is to abstract hardware and arbitrate resources, the functions (A1.3.2) are the specialised subsystems that do the day-to-day work of that abstraction: keeping the machine coherent, secure and useful while many programs run concurrently. 

System integrity refers to the operating system’s ability to ensure that its own code, data, and that of running applications remain correct, consistent and protected from accidental corruption or malicious interference. Maintaining system integrity is a core background function of the OS, underpinning all higher‐level services (memory management, file systems, networking, etc.) by guaranteeing that the system behaves predictably and securely.

 

The IB syllabus groups these functions into nine broad areas .

---

Core functions and what each one actually does

Function (syllabus term)	What the OS is really doing	Typical artefacts & algorithms
System-integrity & background operations	Monitors hardware errors, cleans up defunct processes, rotates logs, verifies checksums and applies patches so faults in one component don’t corrupt the rest.	Watchdog timers, journaling, periodic housekeeping daemons.
Memory management	Tracks every byte of RAM, gives each process a private, contiguous virtual address space, swaps pages to secondary storage and stops writes to forbidden pages.	Buddy allocators, paging, copy-on-write, slab caches.
File system	Provides named, persistent objects arranged in directories, independent of the underlying block device; enforces permissions and caching.	B-tree directory indices, journaling (ext4, NTFS), log-structured flash translation layers.
Device management (I/O)  !Important! Please review this article: what is a device	Loads drivers, mediates DMA, queues requests, and offers a uniform read/write/ioctl interface so software need not know register-level details.	Interrupt handling, I/O schedulers (elevator, CFQ), plug-and-play bus enumeration.
Scheduling (CPU)	Decides which thread runs next, for how long, and on which core, balancing throughput, latency and fairness.	Round-robin, CFS (Linux), multilevel feedback queues, real-time EDF.
Security	Authenticates users, enforces access-control lists and capabilities, isolates processes, and audits events.	PAM, SELinux/SMACK policies, mandatory integrity control, disk encryption keyrings.
Accounting	Measures who consumed how much CPU, I/O, memory and network, enabling quotas, billing or QoS decisions.	getrusage, process accounting logs, cgroup statistics.
Graphical user interface (GUI)	Runs a window server or compositor that turns abstract drawing commands into pixels, mediating input and window focus among apps.	Wayland/Weston, Quartz Compositor, DirectComposition; double-buffering, input event queues.
Virtualisation & networking	Presents virtual NICs, switches and sockets; encapsulates entire machines (VMs or containers) so that multiple OS instances share hardware safely.	Hypervisors (KVM, Hyper-V), namespaces & cgroups, TCP/IP stack, virtual switches (Open vSwitch).

---

How these functions cooperate to maintain system integrity

1. Privilege rings & system-call interface prevent user code from touching kernel data directly.
2. Reference counting and garbage collectors in the kernel free resources that orphaned processes forgot.
3. Redundancy checks (parity, ECC, checksums) detect corrupted blocks; the file-system journal replays incomplete writes after a crash.
4. Background daemons such as fsck, logrotate, systemd-oomd and automatic-update agents repair, prune and patch without user intervention.

Together, these mechanisms ensure that one malfunctioning driver or runaway process cannot destabilise the entire system