Sign in with
Sign up | Sign in

Kaspersky Lab Confirms it is Developing an OS

By - Source: Kaspersky Lab | B 18 comments

Kaspersky Lab is developing an operating system for "critically important" installations.

Kaspersky Lab's own Eugene Kaspersky confirmed on Tuesday that the security firm wants to protect the world's critical infrastructure by developing its own "secure" operating system.

According to Kaspersky's blog, the new pared-down OS is targeting key computer systems used in transportation control facilities, nuclear power stations, and other "critically important" installations. The new OS will be less vulnerable to attack from malicious programs like Stuxnet, Kaspersky said.

"Our system is highly tailored, developed for solving a specific narrow task, and not intended for playing Half-Life on, editing your vacation videos, or blathering on social media," Kaspersky said. "We’re working on methods of writing software which by design won’t be able to carry out any behind-the-scenes, undeclared activity."

This is the important bit, he said, the impossibility of executing third-party code, or of breaking into the system or running unauthorized applications on Kaspersky's OS. "This is both provable and testable," he added.

Kaspersky is targeting industrial IT systems because unlike a corporate file server used in the typical company network, industrial systems can't be disrupted when a Trojan is detected and needs to be isolated. These systems must maintain constant operation "come hell or high water" – uninterrupted continuity of production is of paramount importance.

"Another challenge to securing an 'always on' environment arises due to software at an industrial/infrastructural installation only being updated after a thorough check for fault-tolerance – so as to make sure not to interrupt the working processes," he explained. "And because such a check requires loads of effort (yet still doesn’t provide a guarantee of non-failure) many companies often simply don’t bother to update ICS at all – leaving it unchanged for decades."

Kaspersky goes on to list a few examples of why a secure OS needs to be developed including the direct attack on SCADA systems in Australia back in 2000, and a hole that was discovered in RuggedCom industrial routers. This hole permitted any average user to simply increase his/her access rights up to administrator level and gain control over the device.

So how does one create an uber-secure operating system? Kaspersky said it can't be based on existing computer code, and it can't contain mistakes or vulnerabilities in the kernel. The kernel itself must also contain a very bare minimum of code – the maximum possible quantity of code, including drivers, needs to be controlled by the core and be executed with low-level access rights. There also needs to be a powerful and reliable system of protection that supports different models of security.

To read the entire blog, head here. Kaspersky Lab goes into additional detail here in its October 16 update.


Contact Us for News Tips, Corrections and Feedback

Display 18 Comments.
This thread is closed for comments
  • 7 Hide
    ricardok , October 17, 2012 10:37 PM
    Interesting news.. I would enjoy that new "secure" OS to be put to the test once is out to see if it's actually possible to secure it to Buffer Overflows and other attacks from the network.
  • 3 Hide
    sa1nt , October 17, 2012 11:00 PM
    Nice. When i read name of the article i thought of another linux distribution marketed as "NEW" OS.
  • -6 Hide
    ruszip1 , October 18, 2012 12:23 AM
    even windows 95 is the most secure os if its not connected to the internet.
  • 0 Hide
    southernshark , October 18, 2012 12:36 AM
    Another OS is just what the world needs.

    What the world needs now.
  • 5 Hide
    ddpruitt , October 18, 2012 12:58 AM
    I see a bunch of marketing hype in the articles (the Kaspersky articles) not much else. Let's see what they come up with, but I'm willing to bet it'll be a Unix derivative of one form or another.
  • -6 Hide
    mt2e , October 18, 2012 1:05 AM
    I wouldn't trust it, might be a Russian Intelligence link.
  • 4 Hide
    PhilFrisbie , October 18, 2012 1:13 AM
    If its not open source then there will no way to confirm these claims.
  • 3 Hide
    DeadNetwork , October 18, 2012 1:38 AM
    This could potentially become bigger than they expected. I like the idea, more competition!
  • -3 Hide
    Anonymous , October 18, 2012 4:43 AM
    yes what the world needs now is another distribution of linux

    oh brother. what curse have the god set upon the linux folks, what flaw, that they all need their own different distribution.

    dont we have enough distributions already, surely more than baskin-robbin flavors

    enough already! if you ever going to win you have to learn to work together and stop acting like the world is coming to an end in the tower of babble
  • -1 Hide
    Anonymous , October 18, 2012 7:33 AM
    can you still call it an OS?
  • 2 Hide
    jankeke , October 18, 2012 9:08 AM
    Why are you guy talking about Linux ?

    " Kaspersky said it can't be based on existing computer code", it says.
  • -1 Hide
    iceman1992 , October 18, 2012 11:22 AM
    Quote:
    it can't contain mistakes or vulnerabilities in the kernel
    Is that even possible? No code can be 100% perfect. If it could be then we wouldn't need to have a security oriented OS, would we?
  • 3 Hide
    classzero , October 18, 2012 12:22 PM
    Sorry I am prepared for the down votes . . . But will it play Crysis?
    Again apologies, had to get it out of the way.
  • 2 Hide
    jankeke , October 18, 2012 12:45 PM
    classzeroSorry I am prepared for the down votes . . . But will it play Crysis? Again apologies, had to get it out of the way.

    +1 HA ! You didn't expect that, did you ?!
  • 0 Hide
    x3nophobe , October 18, 2012 2:42 PM
    That question was answered in the article.

    "Our system is highly tailored, developed for solving a specific narrow task, and not intended for playing Half-Life on, editing your vacation videos, or blathering on social media," Kaspersky said. "We’re working on methods of writing software which by design won’t be able to carry out any behind-the-scenes, undeclared activity."
  • 0 Hide
    AndrewMD , October 18, 2012 3:21 PM
    everyone wants to write there own OS these days, I am glad we are returning to the 60's/70's....
  • 0 Hide
    hwangchan , October 18, 2012 4:04 PM
    I think most of you missed it, this OS is for industrial units,it could possibly be altered to run a router or perhaps a copy machine, a stamping machine or an assembly line unit, but nothing so complex as a PC, well maybe with some modding...

    Its an OS, but these types of units are currently running an advanced bios or windows/linux/unix shell that only utilizes the bare minimum of code to operate, usually just off the ROM often with no HDD. Unfortunately, sometimes this bare minimum code has the vulnerabilities of the main program, and some but not all viruses could be transferred through these unprotected units.

    Its a good thing they are doing, with a lot of financial gain possibility, but its not exactly mind blowing.
  • 0 Hide
    hannibal , October 18, 2012 8:41 PM
    Hmmm... How big problem is that there allso have to program new programs just for this new KasperskyOs, because it will not run any old programs... Well, I can see why it will be so secure.

    Actually guite interesting to see, how this works out. There are many companies that would like to have more secure os, but do they trust the Kaspersky enough to use their software?