Kaspersky OS is a specialized operating system designed for embedded systems with strict cybersecurity requirements. By design, KasperskyOS significantly reduces the chances of undocumented functionality and thus mitigates the risk of cyberattacks. KasperskyOS is now commercially available to OEMs, ODMs, systems integrators and software developers around the world. Key implementations of the operating system are tailored for the telecoms and automotive industries as well as critical infrastructure.
Kaspersky OS introduces a secure-by- design environment for the ever-growing and increasingly attacked embedded systems and IoT devices. In a modern connected world where rich IoT devices are being used by consumers, utilized in critical infrastructure, control many aspects of our everyday life, the demand for strong security approach is higher than ever.
Based on a new, developed entirely in-house microkernel, it utilizes well-established principles of security-driven development such as Separation Kernel, Reference Monitor, Multiple Independent Levels of Security and the Flux Advanced Security Kernel architecture. KasperskyOS was designed with specific industries in mind and thus not only solves security issues, but also addresses organizational and business challenges related to secure application development for embedded systems.
Kaspersky OS has been designed to allow programs to execute only documented operations. Developing applications for Kaspersky OS requires ‘traditional’ code to be created, as well as a strict security policy that defines all types of documented functionality.
Only what is defined by this policy can be executed, including the functionality of the operating system itself. Such an approach proved to be very time-consuming during the KasperskyOS development process, but for application developers it offers a certain benefit: a security policy can be developed in parallel with the actual functionality. The functionality itself can in fact be immediately tested: a mistake in the code means undocumented behavior, which is blocked by the OS. Most importantly, the development of a security policy can be customized according to business needs: security can be adapted depending on the application requirements, rather than the other way around.
The deployment flexibility
KasperskyOS is not a general-purpose operating system. It is designed for, and meets the requirements of, embedded devices and is aimed at three key industries: telecommunication, automotive and industrial. In addition, Kaspersky Lab is also developing deployment packages for the financial industry (security of POS-terminals and thin client PS) and the security enhancement of critical operations for general-purpose Linux-based systems and endpoints in particular. Ease of deployment is achieved with three packages implementing certain features of KasperskyOS.
KasperskyOS itself offers maximum security, although its requirements bring an extra challenge to a customer’s development process. It can be used as base on which to build devices like network routers, IP cameras or IoT controllers. It addresses the needs of the telecom industry, critical infrastructure applications and the emerging development of the Internet of Things.
Kaspersky Secure Hypervisor at a slightly reduced cost, Kaspersky Secure Hypervisor makes it possible to execute applications with strict control over how they communicate with each other. It addresses the needs of telecoms, the automotive industry and can also be used for general security purposes, up to the secure operation of endpoints. Kaspersky Security System brings enforced security to conventional operating systems as well as other embedded and real-time OS with minimal development overheads.
KasperskyOS is available for OEMs, ODMs, systems integrators and software developers around the world. Successful projects have already been conducted with Russia’s system integrator Kraftway (secure network router), SYSGO (strengthened security for PikeOS real-time operating system with Kaspersky Security System) and European systems integrator BE.services (embedding KasperskyOS technology in specialized Programmable Logic Controllers). As a unique project, that is tailored for every customer, the pricing of KasperskyOS varies depending on requirements. More information about KasperskyOS,
Kaspersky Secure Hypervisor and Kaspersky Security System, as well as contact information for potential customers is available on a dedicated website. Technical background information is available in this detailed article at Securelist.com. Additional details can be found in the blog post by Eugene Kaspersky....