KasperskyOS ® Trusted. Flexible. Secure.

What is KasperskyOS

Every day thousands of devices are exposed to malicious code, viruses and hacker attacks. And we don’t care about it until it becomes a threat to our devices, or even to our health. In order to protect software and data systems from such threats and to reduce the risk of harm caused by program bugs, unintentional mistakes or premeditated abuse, we recommend KasperskyOS, a secure operating system for embedded connected devices with specific cybersecurity requirements. KasperskyOS creates an environment where a vulnerability or bad code is no longer a big deal. The Kaspersky Security System (KSS) protection component controls interactions across the whole system, rendering the exploitation of vulnerabilities useless. Learn more about KasperskyOS

Kaspersky Security System

Kaspersky Security System is a security policy verdict computation engine capable of working simultaneously with different types of security policies (role-based and mandatory access control, temporal logic, control flow, type enforcement, etc.) and can be customized to meet a client’s needs. The more precise the policies, the more control and security afforded the entire system. KSS can be used together with KasperskyOS (the most secure configuration) as well as in a Linux-based solution (secure actions in an unsecure system). About Kaspersky Security System

Kaspersky Secure Hypervisor

Kaspersky Secure Hypervisor is a Type 2 hypervisor that runs on the KasperskyOS microkernel. With KSH, potentially untrusted virtualized guest operating systems can be separated from each other and all communications between them can be completely controlled and trusted, even though they are physically running on the same hardware platform. An additional benefit of KSH is its ability to reduce expenses on hardware maintenance. About Kaspersky Secure Hypervisor

Further reading: Features of secure OS realization

Features of KasperskyOS

Proprietary microkernel and independent security engine

KasperskyOS is based on a reliable microkernel that implements the only way of communicating. This lightweight microkernel can be implemented on various platforms. At the same time the loosely coupled security engine makes it possible to replace the in-house microkernel with another kernel if necessary.
Proprietary microkernel and independent security engine
Diverse policies enforcement

Diverse policies enforcement

An independent security engine can enforce the policy that best matches the identified security objectives. The security policy can also be individually configured for every application in the system.

Security domain separation

KasperskyOS efficiently separates security domains – confined groups of applications with a restricted influence on each other. This does not preclude the possibility of interdomain communication, if explicitly allowed.
Security domain separation
Separation of application features from security functions

Separation of application features from security functions

The security architecture is designed to separate security functions from application business logic, making both configuring security policies and developing applications easier and faster.

Mandatory identification and labelling

All applications in KasperskyOS are accompanied by their security configuration. Nobody can install an application without installing its relevant behaviour configuration. Hardware and application level resources (files, databases, network ports, etc.) are labelled with appropriate security attributes. It is impossible to access a resource that doesn’t have a security label.
Mandatory identification and labelling
Multi-level compatibility

Multi-level compatibility

While the system is kept mostly POSIX-compatible, the use of a native API further guarantees the secure behaviour of applications. The developer can choose how to keep a proper balance between program code compatibility and security.

KasperskyOS usage areas

Telecommunication equipment
Telecommunication equipment
KasperskyOS helps to mitigate cyber risks associated with telecom equipment including remote attacks on hardware aiming to change its configuration or modify its built-in software (firmware) and exploiting built-in backdoors or known vulnerabilities in order to intercept traffic or gain control of equipment. As well as to meet specific requirements of such devices like: (1) the need to operate autonomously without maintenance or software updates for extended periods of time; (2) proprietary built-in software; (3) permanent direct connection to the internet and so on. And finally minimize the time required to develop security features.
Connected cars
Connected cars
KasperskyOS was built with Security for Safety paradigm in mind and this approach is ideal for modern and future connected vehicles. In this regards KasperskyOS helps automotive and part manufacturers to design and develop connected electronic units. KasperskyOS, a secure operating system based on an architecture that is designed to ensure software is executed securely, including non-secure applications. In addition, KasperskyOS provides protection in the event of random software errors that helps to maintain specified level of safety. Learn more
Machine 2 Machine and Internet of Things
Machine 2 Machine and Internet of Things
The key pillar of built-in security for IoT is a proper security policy. Due to the diversity of IoT applications, security policy enforcement mechanisms must be (1) as adaptable as possible; (2) definition of policies should be clear and simple, but expressive enough to make rules without flaws and omissions; (3) security mechanisms should not weaken existing safety measures, hamper system functionality or significantly reduce system, application or device performance.
KasperskyOS helps to address the issue of cyber security for Internet of Things devices, while minimizing the time required to develop security features.
Industrial environment
Industrial environment
KasperskyOS helps industrial automation vendors to add cyber security capabilities to their new connected to the Internet equipment while keeping safety, quality, reliability, performance, time to market and openness of the software. KasperskyOS also helps to mitigate risks associated with usage of 3rd party software which potentially could have vulnerabilities. We bring cyber security into safe industrial automation world.

Contact us to know more