Approval of fundamental standards for domain-separated systems

Kaspersky develops two new national standards

As of April 2023, two landmark national standards for domain-separated systems have come into effect in Russia. They were developed by Kaspersky and adopted by Technical Committee for Standardization 194 ‘Cyber-physical Systems’. The standards define the basic concepts and basic architectural principles embedded in systems with separated domains, including KasperskyOS.

The need for standards arose because during the development of the KasperskyOS operating system, it was discovered that Russian documentation and even textbooks on security lacked the terms, definitions and concepts that could be referred to when describing the architectural design of software. It was necessary to adapt terms and experience from foreign documents. In order to avoid discrepancies in the translation and interpretation of concepts, it was decided to work on national standards.

A practical approach to building domain-separated systems has been actively researched and implemented since the early 2000s. It can be used to create structurally safe systems, but it is only effective in conjunction with other methods and may not produce the desired result in isolation. It is based on a strategy of building systems that require high levels of functional and information security.

At present, the documents have a provisional status, but this only means that it’s necessary to gain experience in the process of their application, since we are talking about concepts, terms and definitions that are new to domestic practice. The conditions of application are exactly the same as GOST standards. In other words, the work on KasperskyOS has become the driving force behind the creation of a national unified approach. This is something we are proud of.
Ekaterina Rudina
Security Analysis Group Manager, Kaspersky ICS CERT