Production time debugging

Writing KMDF Device Drivers for Windows

A Five-day Workshop


The new WDK with the new KMDF framework is as revolutionizing as C++ programming is to MFC. Writing device drivers today, using KMDF, is much simpler than before.
The course introduce using presentations, demos and practical labs, the Design considerations, development environment, architecture and practical consideration of writing KMDF device drivers for Windows 2000, XP, 2003, Vista, Window 7 and Windows Server 2008. and 2008 R2.

Target Audience

Experienced programmers interested in write kernel mode device drivers for windows OS (2000, XP, 2003, Vista, Windows 7 & Windows Server 2008 & 2008 R2).


  • Knowledge of the window OS concepts and architecture
  • Knowledge and practical experience with the "C" programming language
  • Basic knowledge of Object Oriented concepts
  • At least 2 years of programming experience
  • User level experience with windows OS & GUI
  • Practical experience developing windows application and using the Win32 API
  • Knowledge of the Visual Studio IDE is recommended.
  • Knowledge of basic hardware concepts & architecture
  • No prior knowledge of device driver's development is required or assumed

Main Topics:

  • Development Tools and Testing Environment for Device Drivers.
    • WDK
    • OS Symbols
    • Free and Checked Build
    • Logo Compliance
    • The Build Process
  • Debugging and analyzing Driver faults
    • Blue Screen of Death, Bug checks
    • System dump analysis
    • Setting and Using Windbag for live debugging
    • Driver Debugging procedures & Techniques
  • Windows 2000/XP/2003/Vista/7/Windows Server 2008/R2 Short Architecture Review
    • User mode, Kernel mode, SDK, WDK
    • HAL, Kernel, Subsystems
    • Kernel sub systems (I/O, Memory, Configuration, Object, Plug & Play, Power and other managers)
    • Virtual memory, System Objects; Device Drivers
    • OS processes and threads, Threads priority and scheduling
    • Interrupt dispatching; Interrupt processing; Interrupt Priority; IRQLs; DPC
    • User mode Kernel Mode interfaces
  • WDK, WDF, KMDF, MDF and WDM Overview
    • The purpose and usage of each term
    • The role of WDM in KMDF
    • Usage and limitation of each model
  • A short review on WDM terms and architecture
    • WDM Architecture & requirements
    • Driver types (Function, Filter, Bus)
    • Driver stacks
    • Device stacks
    • WDM Driver loading process
    • I/O request packets (IRP's), Structure, Header, Stack Location, Major and Minor function codes
    • Dispatching of IRP's, Forwarding to lower device, Life Cycle, Completion routine, Return codes
    • IRP Processing strategies (Forward and forget, forward and wait etc)
    • Problems and difficulties with the WDM model
  • WDF model and architecture
    • WDF objects, methods, properties, events and hierarchy
    • Core WDF objects, Driver, Device, I/O Target, I/O Queue, File, Request, Memory, Object
    • More WDF objects, Interrupt, Registry, DPC, Events & Timers, Resource List, PDO, Collections
    • Common WDF objects with UMDF, I/O Objects, PNP State Machine, I/O Pipeline, USB I/O Target
    • Object hierarchy in the WDF model
  • KMDF driver loading process
    • DriverEntry routine
    • Initializing the framework
    • Creating driver and device objects
  • KMDF Queue management, requests and Data Transfer
    • Creating queues
    • Queues types
    • Handling requests
    • Data transfer techniques (buffered, direct, neither)
    • I/O Targets and Transferring request to I/O targets
    • Completing requests
  • Accessing the Hardware
    • Working with I/O ports and Registers
    • Memory mapped I/O
  • Interrupts Timers and DPCs
    • Interrupt Service Routine
    • Timers
    • DPCs
  • Plug & Play
    • Plug & Play Overview
    • PnP requests IRPs
    • Default behavior of PNP in WDF
    • Starting and stopping a device
  • Power management
    • Power management Overview
    • Power requests and IRPs
    • Default behavior of power in WDF
    • Power states
    • Handling power transitions and requests
  • WMI and configuration
    • WMI Overview
    • WMI requests and IRPs
    • Default behavior of WMI in WDF
    • handling WMI requests
  • Installing Device Drivers
    • Installing Device Drivers
    • INF files structures and sections
    • Creating and verifying inf files
    • Other installation methods