KasperskyOS Launches To Secure The World Of IoT

Kaspersky Lab has made its operating system KasperskyOS commercially available to original equipment manufacturers (OEMs), design manufacturers (ODMs), systems integrators and software developers around the world.

Designed for embedded systems with strict cyber security requirements, the secure-by-design environment of KasperskyOS aims to mitigate the risk of cyber attacks in the rapidly-growing world of the Internet of Things (IoT).

IoT devices now control many aspects of our everyday lives and, as they have quickly become prime targets for cyber criminals, the demand for security is higher than ever.

KasperskyOS

The OS was built with specific industries in mind, so includes key implementations tailored for the telecoms, automotive and critical infrastructure sectors.

It is based on a microkernel – the minimum amount of software required to provide the mechanisms needed to implement an OS – developed entirely in-house and puts security-driven application development front of mind.

“The idea behind KasperskyOS emerged 15 years ago when a small team of experts discussed an approach that would make it impossible to execute undocumented functionality,”  said Andrey Doukhvalov, head of future technologies and chief security architect at Kaspersky Lab.

“Further research revealed that such a design is very hard to implement in the environment of a conventional, general-purpose operating system. To address this we chose build our own OS that follows the universally embraced rules of secure development, but also introduces many unique features, making it not only secure, but also relatively easy to deploy in applications where protection is needed the most.”

Developing apps for KasperskyOS requires the creation of ‘traditional’ code as well as a security policy that defines all types of documented functionality, including that of the operating system itself.

This means only what is defined by this policy can be executed, so any undocumented behaviour (e.g. a coding error) will be automatically blocked and the policy can be customised according to the needs of the business and the app’s requirements.

Andrey Nikishin, head of future technologies business development, said: “Technically speaking, in a really complex environment, attempts to inject a certain code in our system cannot be successful.

“Our advantage is that, since any malicious operation is undocumented by the security policy, being an integral part of any application, the payload will never be executed. KasperskyOS is therefore immune from the typical cyber-threat agenda of today.”

As well as the telecoms, automotive and industrial sectors, deployment packages are currently being designed for point-of-sale (POS) terminals in the financial industry and for general-purpose Linux-based systems and endpoints.

Are you a security pro? Try our quiz!