Kaspersky Lab has released KasperskyOS, a specialised operating system designed for embedded systems.
According to Kaspersky, the OS – which is built entirely from the ground up without “a sniff of Linux” in it – provides the cyber-security that has been missing from other operating systems.
Fifteen years in the making, Kaspersky OS has been released in bespoke products prior to today but this represents the first time it has been made commercially available to OEMs, systems integrators and software developers.
The company said that the OS has been tailored for the telecoms and automotive industries as well as critical infrastructure and is the answer to the growing problem of security in the realms of IoT, SCADA and embedded systems.
It is based on a microkernel designed in-house, using established principles of separation kernel, reference monitor, multiple independent levels of security and flux advanced security kernel architecture.
It is designed to prevent the execution of undocumented functionality, according to Andrey Doukhvalov, head of future technologies and chief security architect at Kaspersky Lab. “Such a design is very hard to implement in the environment of a conventional, general-purpose operating system,” he said.
“To address this we chose to build our own OS that follows the universally embraced rules of secure development, but also introduces many unique features.”
Eugene Kaspersky, chairman and CEO, said: “We understood from the very beginning that designing our own operating system would be a huge undertaking – a project that would require vast resources for many years before it could be commercialised.
“Today we see clear demand for strengthened security in critical infrastructure, telecoms and the finance industry, as well as in both consumer and industrial IoT devices.”
According to the company, developing applications for KasperskyOS requires ‘traditional’ code to be created, as well as a strict security policy that defines all types of documented functionality. Only what is defined by this policy can be executed, including the functionality of the operating system itself. For application developers it offers the benefit of being able to develop a security policy in parallel with the actual functionality.
Andrey Nikishin, head of future technologies business development, said that KasperskyOS doesn’t guarantee 100 percent security but will deliver “the first 99 percent” by blocking attempts to inject malicious code.
“Since any malicious operation is undocumented by the security policy, being an integral part of any application, the payload will never be executed. KasperskyOS is therefore immune from the typical cyber-threat agenda of today,” he said.
This article originally appeared at scmagazineuk.com