KasperskyOS – Secure OS released for Iot and Embedded System

Russian cyber security and antivirus vendor Kaspersky Lab has made available the much awaited KasperskyOS, a secure-by-design operating system based on Microkernel architecture which is specially designed for network devices, industrial control systems and the Internet of Things.

The operating system is not made for your average home PC; instead, it is meant to protect industrial systems and embedded devices from cyber attacks by preventing any third-party or malicious code from executing.

Kaspersky Lab CEO Eugene Kaspersky confirmed the rumors of a new operating system on his official blog published on Monday, saying this project under the codename 11-11 has been in the works for 14 years and has been designed from scratch.

The reason behind developing KasperskyOS is simple: Growing Internet-of-Things and embedded devices in industrial control systems (ICS) to power critical infrastructure.

It’s quite easy for most companies to get rid of the virus-infected computer, as they all need to do is unplug the infected ones from the network, according to Kaspersky.

But since industrial control systems (ICS) are usually managing critical operations or infrastructure that must be powered on all the time and can not be taken offline for even a while, the malware targeting these ICS systems is a challenging problem.

So, according to Kaspersky, the solution lies in a secure operating system with strict cyber security requirements that could help reduce the chances of undocumented functionality and thus mitigates the risk of cyber attacks targeting ICS or IoT devices.

It’s Secure, But KasperskyOS is not Linux!

Yes, this OS is not just another Linux flavor.

One of the major distinctive features of Kaspersky OS is that the GUI-less operating system has been constructed from scratch and does not contain even a single string of Linux code in it.

“All the popular operating systems are not designed with security in mind, so it is simpler and safer to start from the ground up and do everything correctly. Which is just what we did,” said Kaspersky.

The new OS has been designed to allow programs to execute only documented operations under its strict security policy. Only what is defined by the policy can be executed, including the functionality of the OS itself.

The customers can also examine the source code of KasperskyOS to make sure the operating system has no undocumented capabilities. The OS also has independent security engine that lets users enforce the policy that suits their security objectives.

KasperskyOS is not a general-purpose operating system; instead, it is designed for embedded devices, including IoT, telecommunication equipment, connected cars, and industrial control systems.

To create a package that could be applied in several different areas of granular customization, Kaspersky has developed three products:

  • An Operating System (KasperskyOS)
  • A standalone secure hypervisor (KSH) for running virtual machines
  • A system for secure interaction between OS components (KSS)

KasperskyOS was designed to not only solves security issues but also addresses organizational and business challenges related to secure application development for embedded systems.

More detailed technical specifications of the OS can be found on the official KasperskyOS page and the KasperskyOS whitepaper.


Leave a Reply