What is Watchdog & what do you know about it?

872    Asked by Ankesh Kumar in Cyber Security , Asked on Feb 7, 2022

 Today I came across this term "Watchdog", and something about "DPC_WATCHDOG VIOLATION" errors in Windows. I tried googling around but I only found posts on how to fix Watchdog errors, but nothing on what Watchdog really is or how it works. So, what is Watchdog exactly? Is it some kind of mitigation like DEP or CFI? Does it have some kind of security implications?

Answered by Anil Jha

What a watchdog can be explained as - a watchdog timer (software or hardware) has no security implications.

A watchdog is a timer that is used to detect hardware or software lockups. A watchdog timer counts down and, if it ever reaches zero, it will assume the system has frozen and will take corrective action (such as by rebooting the computer). In order to prevent this from happening, a process will periodically reset the watchdog, usually once every few seconds. In the case that this process ever stops functioning (for example due to the computer locking up), the watchdog will keep ticking down until it eventually reaches zero and causes a reboot. The amount of time that must lapse varies from milliseconds to full minutes, depending on how fast the system must respond to a malfunction. A software watchdog is designed to detect userspace (user programs) freezing or otherwise becoming unresponsive. It's only capable of working if the kernel (the core of the OS) is still functional. A hardware watchdog is usually built into the motherboard and will detect a system lock up no matter what, as a frozen or crashed computer will stop resetting it, causing it to force the system to restart. See Watchdog timer on Wikipedia for more information.



Your Answer

Interviews

Parent Categories