Production time debugging

Writing UMDF Device Drivers for Windows

A Five-day Workshop


Writing Device Drivers in user mode is much simpler then writing Device Drivers in Kernel Mode. Every driver that its end point is accessible through user mode library (Like USB, Winsock etc.) can be written using C++ COM and the UMDF framework in user mode instead of using the more complicated kernel mode interface. The course introduce using presentations, demos and practical labs, the Design considerations, development environment, architecture and practical consideration of writing UMDF device drivers for Windows XP(SP2) and above (including windows 7 and server 2008 R2).

Target Audience

Experienced programmers interested in write user mode device drivers for windows OS for XP (SP2) and above (Up to windows 7 and server 2008R2).


  • Knowledge of the window OS concepts and architecture
  • Knowledge and practical experience with the "C" programming language
  • Knowledge and practical experience with the "C++" programming language
  • Basic knowledge of Object Oriented concepts
  • At least 2 years of programming experience
  • User level experience with windows OS & GUI
  • Practical experience developing windows application and using the Win32 API
  • Experience using Visual Studio IDE.
  • Knowledge of basic hardware concepts & architecture
  • No prior knowledge of device driver's development is required or assumed

Main Topics:

  • Development, debugging and Testing Tools and Environment for UMDF Device Drivers.
    • WDK
    • Visual Studio
    • Debugging tools for windows
    • OS Symbols
    • Free and Checked Build
    • Logo Compliance
    • The Build Process
  • Windows OS hort Architecture Review
    • User mode, Kernel mode, SDK, WDK
    • HAL, Kernel, Subsystems
    • Kernel sub systems (I/O, Memory, Configuration, Object, Plug & Play, Power and other managers)
    • Virtual memory, System Objects; Device Drivers
    • OS processes and threads, Threads priority and scheduling
    • Interrupt dispatching; Interrupt processing; Interrupt Priority; IRQLs; DPC
    • User mode Kernel Mode interfaces
  • WDK, WDF, KMDF, MDF and WDM Overview and Terminology
    • The role of WDM in KMDF
    • Usage and limitation of each model
    • WDM Architecture Á requirements
    • I/O request packets (IRP's), Structure, Header, stack Location, Major and Minor function codes
    • Driver and Device stacks
    • Dispatching of IRP's, Forwarding to lower device, Life Cycle, Completion routine, Return codes
    • Driver types (Function, Filter, Bus)
    • WDF objects, methods, properties, events and hierarchy
    • Core WDF objects, Driver, Device, I/O Target, I/O Queue, File, Request, Memory, Object
    • More WDF objects, Interrupt, Registry, DPC, Events Á Timers, Resource List, PDO, Collections
    • Common WDF objects with UMDF, I/O Objects, PNP State Machine, I/O Pipeline, USB I/O Target
    • Object hierarchy in the WDF model
    • usage and constrains of each model: WDM. KMDF and UMDF
  • COM & COM Light
    • UMDF and COM
    • COM interfaces
    • Accessing COM objects
    • COM data structures
    • Using COM objects
    • COM events
    • ATL Fundmentals
    • creating COM Light Classes and objects
  • UMDF driver loading process
    • DriverEntry routine
    • Initializing the framework
    • Creating driver and device objects
  • UMDF Queue management, requests and Data Transfer
    • Creating queues
    • Queues types
    • Handling requests
    • Data transfer techniques (buffered, direct, neither)
    • I/O Targets and Transferring request to I/O targets
    • Completing requests
  • Accessing the End Point (Hardware)
    • USB
    • WinSock
    • Other HW access Libraries
  • UMDF Specific Objects
    • Property Store
    • File Object
    • WIN32 I/O Targets
  • Plug & Play
    • Plug & Play Overview
    • PnP requests IRPs
    • Default behavior of PNP in WDF
    • Starting and stopping a device
  • Power management
    • Power management Overview
    • Power requests and IRPs
    • Default behavior of power in WDF
    • Power states
    • Handling power transitions and requests
  • WMI and configuration
    • WMI Overview
    • WMI requests and IRPs
    • Default behavior of WMI in WDF
    • handling WMI requests
  • Installing Device Drivers
    • Installing UMDF Device Drivers
    • INF files structures and sections
    • Creating and verifying inf files
    • Other installation methods
  • Debugging and analyzing Driver faults
    • Blue Screen of Death, Bug checks
    • System dump analysis
    • Setting and Using Windbag for live debugging
    • Driver Debugging procedures & Techniques
    • C++ User Mode debugging
    • Debugging COM
    • Analyzing User Mode dumps