Becoming familiar with the windows internals

When I started learning about windows drivers, my first thought was to search for "introduction to windows drivers" or something equivalent in my favorite search engine. This led to a few links for tutorials on how to create simple drivers. Right now I think that this is a very bad approach. Even, if you understand how to write a small driver, it will be difficult to proceed. I believe that the best first step is to become familiar with the windows internals. A driver developer needs to be familiar with lots of operating system-dependent stuff, e.g. the synchronization primitives, the way that the scheduling works, the I/O manager, etc.

Currently, the definitive bible for windows internals is a book called "Microsoft Windows Internals, Fourth Edition: Microsoft Windows Server(TM) 2003, Windows XP, and Windows 2000" by Mark Russinovitz and David Solomon. This book provides the most in-depth coverage of the windows internals and is used as a base for every driver teaching course. It covers a wide area of topics, e.g. processes, I/O manager, file systems, networking, Online Crash Analysis, etc. I believe that this book is a MUST-read.

Based on the book, a lot of additional material has been created that can help somebody understand the fundamental windows concepts:

  1. The authors of the book have created a series of 6 dvds with videos that present the most important part of the topics that are covered by the book. Additional information about the dvds can be found at http://www.solsem.com/vid_internals.html. In the same link you can find information about the seminars that are taught by David Solomon on windows internals.
  2. Microsoft offers the Windows Operating System Internals Curriculum Resource Kit (CRK), which is a freely available collection of instructor resources to supplement operating system (OS) lectures and assignments with Windows kernel illustrations. The CRK provides PowerPoint presentation slides, experiments, lab descriptions, sample quizzes and assignments, in order to introduce case studies from the Windows kernel into operating system courses. The CRK, and all the components of the Windows Academic Program, are for academic, non-commercial use only.
  3. At http://www.i.u-tokyo.ac.jp/edu/training/ss/lecture/new-documents/Lectures/ you can find an extensive presentation that covers all the parts of the windows kernel.
  4. Microsoft also offers the Windows Research Kernel to faculty members, instructors or other people, who are teaching or conducting research in a highly accredited institute of higher education. The WRK includes most of the kernel sources from the latest released version of Windows, which supports the x64 architecture on the desktop.
  5. Apart from David Solomon, there are also other companies, which offer seminars on windows internals, e.g. OSR and Azius.