Embedded OS inherently prevents tampering

March 17, 2017 // By Christoph Hammerschmidt
IT security company Kaspersky recently announced a secure operating system for embedded systems. The software primarily targets the specific demands of the telecommunications and automotive industries as well as critical infrastructures. At Embedded World, KasperskyOS was the star of Kaspersky’s stand.

KasperskyOS is a specialized operating system designed for embedded systems with strict cybersecurity requirements. By design, KasperskyOS significantly reduces the chances of “undocumented functionality” (a paraphrase for injected malfunctions as well as program flaws) and thus promises to mitigate the risk of cyberattacks. The operating system introduces a secure-by-design environment for embedded systems and IoT devices, which are increasingly under attack. Based on a proprietary microkernel, it utilizes established principles of security-driven development such as Separation Kernel, Reference Monitor, Multiple Independent Levels of Security and the Flux Advanced Security Kernel architecture. KasperskyOS was designed with specific industries in mind and thus not only solves security issues, but also addresses organizational and business challenges related to secure application development for embedded systems.

Andrey Doukhvalov, Head of Future Technologies and Chief Security Architect at Kaspersky Lab, comments: “The idea behind KasperskyOS emerged 15 years ago when a small team of experts discussed an approach that would make it impossible to execute undocumented functionality. Further research revealed that such a design is very hard to implement in the environment of a conventional, general-purpose operating system. To address this, we chose to build our own OS that follows the generally accepted rules of secure development, but also introduces many unique features, making it not only secure, but also relatively easy to deploy in applications where protection is needed the most”.

KasperskyOS has been designed to allow programs to execute only documented operations. Developing applications for KasperskyOS requires ‘traditional’ code to be created, as well as a strict security policy that defines all types of documented functionality. Only what is defined by this policy can be executed, including the functionality of the operating system itself. While this was very time-consuming during the development of the operating system, it offers a benefit for application developers: a security policy can be developed in parallel with the actual functionality. The functionality itself can in fact be tested immediately:
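The reference-monitor principle described above, as an added conceptual illustration (this is not KasperskyOS code, nor its policy language; the component names, operations and policy rules are constructed for the example): every inter-component call, including calls into kernel services, is checked against an explicit allow-list of documented operations, anything not listed is denied, and the denial log tells the policy author which operations the code exercises but the policy has not yet documented.

```python
# Conceptual model of a default-deny reference monitor (added illustration,
# not KasperskyOS code). Component names, operations and rules are constructed.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Request:
    subject: str    # calling component
    target: str     # receiving component or kernel service
    operation: str  # named interface method being invoked


@dataclass
class ReferenceMonitor:
    # policy: the set of (subject, target, operation) triples that are documented;
    # every call not in this set is denied, kernel services included.
    policy: frozenset
    audit: list = field(default_factory=list)

    def check(self, req: Request) -> bool:
        allowed = (req.subject, req.target, req.operation) in self.policy
        self.audit.append((req, "allow" if allowed else "deny"))
        return allowed


def build_policy(rules):
    return frozenset((s, t, o) for s, t, o in rules)


def run_trace(policy, trace):
    """Mediate every request in the trace; return the decisions and the monitor."""
    mon = ReferenceMonitor(policy)
    return [mon.check(r) for r in trace], mon


def undeclared(policy, trace):
    """Operations the code exercised but the policy has not documented (policy gaps)."""
    return sorted({(r.subject, r.target, r.operation) for r in trace
                   if (r.subject, r.target, r.operation) not in policy})


# Constructed sample policy: a sensor driver may only talk to the kernel and the logger.
SAMPLE_POLICY = build_policy([
    ("sensor_driver", "kernel", "ipc_send"),
    ("sensor_driver", "logger", "write_record"),
    ("logger", "kernel", "file_open"),
    ("logger", "storage", "append"),
])

# Constructed sample trace: two calls are documented, two are not.
SAMPLE_TRACE = [
    Request("sensor_driver", "logger", "write_record"),
    Request("sensor_driver", "storage", "append"),   # bypasses the logger: denied
    Request("logger", "kernel", "file_open"),
    Request("logger", "network", "connect"),         # undocumented: denied
]
```

Running `run_trace(SAMPLE_POLICY, SAMPLE_TRACE)` yields allow, deny, allow, deny, and `undeclared` returns the two denied triples so the policy can be extended deliberately or the code corrected.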