One of the major Virtual Machine (VM) models in use today is the International Business Machines (IBM) view of virtual machines. IBM’s model is one in which each virtual machine is an exact copy of a real machine with a reduced memory capacity. With this notion, a large and powerful mainframe computer can be split up, or partitioned, into many virtual machines with slightly less resources available than the original mainframe computer.

The IBM view of virtual machines is similar to the other VM lineage’s in that it serves as a ‘mapping’ of functionality. This means that the VM intercepts ‘virtual’ instructions and then maps these virtual instructions to the actual instructions on the machine. In the case of the IBM lineage of the VM, these instructions basically enjoy a one-to-one mapping, meaning that every virtual instruction is mapped to a single corresponding actual machine instruction and is executed as such. Essentially users actually have access to, and execute all of the instructions directly on the machine.

Now, you are probably wondering how the IBM VM operating system maintains security if it essentially gives a user all of the functionality they would have on the actual machine. Security is accomplished through this mapping method by simply blocking or trapping a certain set of instructions that are deemed sensitive. An example of such instructions would be those that attempt to directly alter the processor’s memory (registers). This type of instruction, if allowed, would allow the user to directly alter the actual machine, thereby altering the other VM’s that might be running at any given time. If this were allowed to occur, then each user’s VM would not be completely independent and could therefore damage other user’s environments.

Essentially, the IBM VM system executes all non-sensitive instructions directly, and blocks the sensitive instructions. When the machine blocks these sensitive instructions, it attempts to simulate the desired operation so that the user is not aware they have attempted an illegal operation. The VM system provides virtual execution of the sensitive instructions if possible, thereby providing the user with all of the functionality they expect while still maintaining the S/370 hardware’s system integrity. All of this functionality is provided by the VM Operating System running on the hardware.

The VM Operating System is the "brains" of the entire IBM Virtual Machine architecture. The entire system, both Operating System and hardware is referred to as the VM System. Each VM system is controlled by a program called the Control Program. In addition to managing the actual physical hardware, this Control Program creates a virtual machine for any and every user of the system, with this virtual machine being an exact ‘simulation’ of a System/370 or System/390 mainframe computer. The important part of this IBM concept of virtual machines is that each user can run programs, store data and even crash the virtual machine they are running on without ever interfering with the VM system itself, or the other users of the system. Therefore, the IBM VM model not only allows resource sharing, but also protection of system resources.

The Control Program is the most important part of a VM system, and actually runs directly on the hardware of the mainframe computer. The Control Program administers the system hardware, system support tasks including startup and shutdown, as well as scheduling and execution of requests. The Control Program also manages the programming features that are supplied to each virtual machine, as well as the creation and maintenance of each virtual machine.

Along with the Control Program, the other main component that user’s of a VM system interact with is the Conversational Monitor System (or CMS for short). This term sounds complex, but basically the CMS provides the Operating system tasks that users need to work. Some of these services include file system commands, the ability to load and execute programs, memory management, screen and window services and the services that allow a user to write applications. The CMS is an Operating system that has been designed for a single user with a single task at a time. Although the system has the ability to handle multiple tasks at once, it is primarily used for a single task at a time. Each virtual machine has it’s own copy of CMS, thereby giving all users the same interface and functionality.

In addition to the Control Program and the CMS, there are a few other pieces that make up the VM system architecture. These pieces include the Group Control System, the Transparent System Access Facility, some additional Services, and the Dump Viewing Facility. I know what you are thinking, what does all of that gobbledygook mean? Well, to be honest, none of the aforementioned are essential to achieving a basic understanding of the IBM Virtual Machine system. So, we will now concentrate on the way that the Control Program and the Conversational Monitoring System handle this mapping of instructions.

As mentioned in the overview above, the instruction set is essentially a one-to-one mapping. For speed and convenience’s sake, most every instruction available on the System/370 and System/390 system is run directly by the system. This means that the CMS allows the user to run the instruction and have the functionality that the user would expect, with no penalty in speed. Now, I did say most, and this leaves us with the small subset of instructions, which the VM system deems as sensitive.

A sensitive instruction in this case would be one that essentially would allow the user to alter the state of another user’s Virtual machine, alter the state of the system hardware, as well as a few other sensitive or protected functions. Now, to illustrate this, let’s look at an example:

Let’s say a user tries to execute an instruction which grants them access to another user’s virtual machine and it’s resources. This instruction would be trapped by the CMS, and flagged as a sensitive instruction. This means that the CMS would recognize this instruction as a protected instruction and then pass it on to the Control Program with a special flag which would tell the Control Program, "this is a protected instruction." The computing term is called an interrupt, but that’s not important for this article.

Now, the Control Program would receive this instruction with this flag telling the Control Program that the instruction is a sensitive one. The Control Program would then take this instruction and perform some special routines, or checks, on the instruction to see what it should do. These routines would tell the Control Program whether it can attempt to simulate the execution of the instruction, or whether the instruction should be blocked altogether. If the Control Program simulates the instruction, the user would never know that they had attempted to run a sensitive instruction, and their system would continue as if nothing out of the ordinary occurred. If the Control Program must block the execution of the instruction, then a message would be relayed back to the user telling them the error and the program would most likely stop execution.

After reading through the above paragraphs, you now have a basic understanding of what the IBM model of the Virtual Machine is, and how it works. That’s all well and good, but I’ll bet you’re wondering if this model actually works. Does it perform as advertised? Well, to be perfectly honest, having used the system myself, it does indeed work.

The IBM VM system provides a way to share large systems with multiple users in a secure way. By creating copies of the actual machine for each user, the IBM system allows each user the same functionality and resources, without compromising any single user’s privacy or security. The system is stable enough after nearly thirty years of development that it is widely used in both businesses and universities as a resource-sharing system.