KasperskyOS

But since industrial control systems (ICS) are usually managing critical operations or infrastructure that must be powered on all the time and can not be taken offline for even a while, the malware targeting these ICS systems is a challenging problem.

So, according to Kaspersky, the solution lies in a secure operating system with strict cyber security requirements that could help reduce the chances of undocumented functionality and thus mitigates the risk of cyber attacks targeting ICS or IoT devices.

It’s Secure, But KasperskyOS is not Linux!

This OS is not using linux kernel, instead they are using their own kernel built from scratch.

Notable features

Proprietary microkernel and independent security engine

KasperskyOS is based on a reliable microkernel that implements the only way of communicating. This lightweight microkernel can be implemented on various platforms. At the same time the loosely coupled security engine makes it possible to replace the in-house microkernel with another kernel if necessary.

Diverse policies enforcement

An independent security engine can enforce the policy that best matches the identified security objectives. The security policy can also be individually configured for every application in the system.

Multi-level compatibility

While the system is kept mostly POSIX-compatible, the use of a native API further guarantees the secure behaviour of applications. The developer can choose how to keep a proper balance between program code compatibility and security.

Mandatory identification and labelling

All applications in KasperskyOS are accompanied by their security configuration. Nobody can install an application without installing its relevant behaviour configuration. Hardware and application level resources (files, databases, network ports, etc.) are labelled with appropriate security attributes. It is impossible to access a resource that doesn’t have a security label.

Separation of application features from security functions

The security architecture is designed to separate security functions from application business logic, making both configuring security policies and developing applications easier and faster.

Security domain separation

KasperskyOS efficiently separates security domains – confined groups of applications with a restricted influence on each other. This does not preclude the possibility of interdomain communication, if explicitly allowed.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s