The KasperskyOS kernel was internally developed by Kaspersky and is not based on any already existing project (Linux or otherwise).
KasperskyOS is a specialized operating system created from scratch by Kaspersky. Thanks to the principles embedded in its architecture, our OS can serve as the foundation for products that possess Cyber Immunity: built-in security against the majority of cyberattack types. This is critical for digital infrastructures that require a high level of security assurance.
KasperskyOS is the first-ever operating system that can be used to make IT products Cyber Immune. These products are nearly impossible to hack, and only a fraction of attack types launched against a Cyber Immune system can affect its critical functions. Solutions powered by KasperskyOS require no added protection: everything you need is already inside the system.
KasperskyOS provides flexibility in setting security policies: rules that the system will follow throughout its life cycle and that will prevent it from performing potentially dangerous operations.
The components of our OS are separated into isolated security domains and cannot affect one another. All of their interactions go through the microkernel, while Kaspersky Security System passes a security verdict on each. If an interaction fails to match defined policies, it is blocked even before the execution.
Thanks to this, when developing for KasperskyOS, you can use untrusted components that do not have Cyber Immunity. If one of them proves to be vulnerable, and attackers take advantage of this, the OS simply will not allow the component to perform operations that are not authorized by the security policy and that affect the functioning of the product.
The inherent security of KasperskyOS is embedded into its architecture and philosophy.
Thus, nothing can run or function unless explicitly allowed by system administrators and application developers. Security policies that describe each permitted action are defined as early as the design stage of an IT product based on KasperskyOS.
The KasperskyOS microkernel contains only a few hundred thousand lines of code, so the attack surface is minimal. The strict isolation of system components ensures operability in every situation: even if one of them fails, the OS will continue to perform its critical functions.
The KasperskyOS design conforms to the MILS and FLASK architectures, while adding Kaspersky’s own security technology.
The Cyber Immune approach at the heart of KasperskyOS prevents an attacker from affecting system operation even if some of the non-Cyber Immune components get hacked. Our microkernel and flexible security system technologies rule out unauthorized functions.
To make a product based on KasperskyOS Cyber Immune, you must strictly follow the special Kaspersky methodology.
Only IT systems that are intrinsically secure (secure by design) can be considered Cyber Immune. To summarize, creating Cyber Immune applications requires that the following be ensured from the moment development starts:
KasperskyOS does not collect or share data. All drivers, system services, applications, etc. are moved out of the kernel and isolated, and their behavior is strictly limited by security policies.
No component of the system can store or send data unless allowed by applicable policies.
Yes, it is. First, there is Kaspersky IoT Infrastructure Security whose key element is secure gateways for the internet of things, indispensable devices for modern businesses that use IoT sensors and controllers. Kaspersky IoT Secure Gateway (KISG) 1000 is currently available, and sales of KISG 100, the first-ever industrial Cyber Immune IoT gateway, have begun. By the way, it was named one of the best designs in the world in 2020 at the 7th World Internet Conference in Wuzhen, China.
Second, there is Kaspersky Secure Remote Workspace, which includes software for thin clients: computer-like user terminals for connecting to corporate virtual desktop infrastructure.
Also available for prototyping is the Kaspersky Automotive Adaptive Platform SDK for developing car electronic components.
First of all, on the internet of things and in process control, in industries with high cybersecurity standards. Examples include manufacturing, energy, government agencies, transport infrastructure.
Devices already running KasperskyOS include thin clients, a key part of Kaspersky Secure Remote Workspace, and IoT gateways, which help build secure IoT networks and implement digital transformation in the manufacturing industry. In 2020, Kaspersky Automotive Adaptive Platform was integrated into an automotive ECU.
Our OS is evolving, and the range of supported devices is growing. For example, Kaspersky is investigating the possibility of adapting the OS for mobile platforms.
KasperskyOS is a specialized operating system. At the moment, it can only serve as the basis for designs intended for embedded IT systems with features required by specific clients.
That said, we are confident that Cyber Immunity is an important trend that will grow fast in the segment of personal digital devices, among others. Thanks to Cyber Immunity users won’t have to worry about the security of their devices, as these will be protected from most cyberattacks by default. This is a future worth striving for.
Kaspersky IoT Secure Gateways 100 and 1000 are already available for purchase in Russia and Belarus. They are being sold in Europe by Spanish distributor V-Valley. This year, the company plans to enter the META and APAC markets. We are also working on pilot projects in Latin America.
Of course, there are operating systems on the market that help to create functional products with a very high level of security. However, no modern operating system can give products Cyber Immunity: inherent protection against cyberattacks. That requires Kaspersky’s special methodology.
KasperskyOS is designed for devices on which an antivirus cannot be installed. Examples include secure gateways, electronic control units inside cars, thin clients.
That is why we designed our OS not to need any additional protection. Its architecture prevents attackers from affecting the functioning of the system even if a component has been compromised.
The native code of KasperskyOS is continually subjected to various kinds of testing, including fuzzing. Some of the more critical components undergo formal verification and validation of security models. Code is subjected to static and dynamic analysis. Penetration tests are regularly conducted. A Bug Bounty program is planned.
When designing products based on KasperskyOS, we consider only hardware that is trusted. When using our particular system, the potential harm that could be caused by Meltdown, Spectre and similar vulnerabilities is minimal.
Meltdown enables non-privileged code to read data from the privileged space of the kernel. KasperskyOS is a microkernel operating system, and its kernel does not contain much data that could be used by a cybercriminal. Most system services, including those related to encryption, are implemented in the user space.
Successful exploitation of Spectre relies on the existence of memory areas shared between processes. This is what enables the creation of a parasitic communication channel based on timing access to cache lines for indirect memory access. By default, KasperskyOS does not provide for the use of shared memory. The exclusive nature of such cases means that there is a very low likelihood that this hardware vulnerability could be maliciously exploited.
A typical driver manages a device via read/write operations through I/O ports (MMIO/PIO). It also interacts with a device via DMA. The device notifies the driver about completed requests and events by sending interrupts. This means that the kernel must provide the driver with a service that would allow it to obtain access to I/O ports, allocate DMA buffers, and handle interrupts. All of these capabilities are provided by the IO service of the kernel. A driver waits for interrupts by using something similar to an IPC Call: the interrupt handler thread from the driver makes a Call to the kernel and goes to sleep waiting for an interrupt. When the corresponding interrupt is received by the kernel, the kernel wakes the relevant thread that went to sleep after the Call, thereby allowing the interrupt to be handled. The thread then goes back to sleep. Access to kernel services is privileged and must be granted only to drivers and other critical components of the architecture. IPC-based implementation of access to kernel services enables use of all available technologies of the Kaspersky Security Module to deny/restrict program access to kernel services.
There are no guides for porting drivers and applications from Linux to KasperskyOS. Drivers are ported based on ready-to-use drivers and the accepted driver model.
KasperskyOS Community Edition is a software development kit (SDK) designed to help you build a custom KasperskyOS image for a specific set of hardware platforms. The distribution kit includes the KasperskyOS kernel, solution development tools, numerous libraries (with usage examples), and documentation. The SDK is distributed as a DEB package for Debian GNU/Linux 10 “Buster” and can be downloaded for free at the provided link. The image does not include command-line interface tools such as a console or GUI. After installation, the SDK is deployed in the directory /opt/KasperskyOS-Community-Edition-<version>.
KasperskyOS Community Edition was designed to serve as a free tool for learning the principles of building a KasperskyOS-based solution, understanding the specifics of implementing security policies, and writing and debugging custom pilot projects. The license will also let you modify the components that are provided as source code. KasperskyOS Community Edition currently lets you develop software for embedded systems managed over an Ethernet network (via web interface or other protocols).
The KasperskyOS Community Edition (CE) version is not intended for commercial use. This distribution package lets you develop a fully functional product and demonstrate it to potential customers. To directly distribute commercial products based on KasperskyOS, you must purchase a commercial license.
The terms and conditions of a commercial license depend on many parameters, including the number of devices that will be produced and the specific business model (for example, fixed payments, royalties, or shared revenue). The cost may also be affected by any work performed by Kaspersky experts if necessary for a specific project. This potential work may include support for the specific hardware platform, other technical support, and updates.
If you already have tentative details or project parameters, please share them with us so that our colleagues can propose a suitable business model for you and calculate the appropriate cost.
Even if you have not yet decided on any specific parameters, Kaspersky is committed to supporting successful KasperskyOS-based products and will never set any cost-prohibitive terms for licenses.
KasperskyOS Community Edition is not intended for commercial use. In other words, it cannot be resold, even as a part of other software/hardware systems. A separate license would be required for such purposes. To find out the conditions for such use, please contact os@kaspersky.com
KasperskyOS Community Edition is not intended to directly run applications that were written for other operating systems. Applications must be properly ported before they can be run.
PCRE (regular expressions), CivetWeb, Boost, mbedTLS, and Mosquitto.
These libraries are currently supported entirely by the KasperskyOS development team. At some point, we would like to hand off support for these libraries to original developers or to the open source community.
Fully compatible with KasperskyOS Community Edition fork of nginx is already available on GitHub. Ported libraries for nginx, php, Node.JS, and Samba will soon be published at github.com. Ported php, Node.JS and Samba are being prepared for deployment.
You can use static and dynamic libraries. To utilize libraries when building a solution, you need to specify the relevant library in the dependencies of the corresponding artifact. Dynamic libraries are provided in the SDK, and can also be created by a KasperskyOS-based solution developer. Normal operation of third-party dynamic libraries cannot be guaranteed.
The licenses are inherited.
Currently, KasperskyOS solutions can be developed in C and C++ using GCC cross compilers.
The currently recommended development environment is VSCode with C/C++ syntax highlighting.
Operating system for Internet-connected embedded systems with specific cybersecurity requirements
