Kaspersky Lab's own Eugene Kaspersky confirmed on Tuesday that the security firm wants to protect the world's critical infrastructure by developing its own "secure" operating system.
According to Kaspersky's blog, the new pared-down OS is targeting key computer systems used in transportation control facilities, nuclear power stations, and other "critically important" installations. The new OS will be less vulnerable to attack from malicious programs like Stuxnet, Kaspersky said.
"Our system is highly tailored, developed for solving a specific narrow task, and not intended for playing Half-Life on, editing your vacation videos, or blathering on social media," Kaspersky said. "We’re working on methods of writing software which by design won’t be able to carry out any behind-the-scenes, undeclared activity."
The important bit, he said, is that it must be impossible to execute third-party code, to break into the system, or to run unauthorized applications on Kaspersky's OS. "This is both provable and testable," he added.
Kaspersky is targeting industrial IT systems because, unlike a corporate file server on a typical company network, which can be taken offline when a Trojan is detected and needs to be isolated, an industrial system cannot be disrupted that way. These systems must maintain constant operation "come hell or high water"; uninterrupted continuity of production is of paramount importance.
"Another challenge to securing an 'always on' environment arises due to software at an industrial/infrastructural installation only being updated after a thorough check for fault-tolerance – so as to make sure not to interrupt the working processes," he explained. "And because such a check requires loads of effort (yet still doesn’t provide a guarantee of non-failure) many companies often simply don’t bother to update ICS at all – leaving it unchanged for decades."
Kaspersky goes on to list a few examples of why a secure OS needs to be developed, including the direct attack on SCADA systems in Australia back in 2000 and a hole discovered in RuggedCom industrial routers. That hole let any ordinary user simply raise their own access rights to administrator level and take control of the device.
So how does one create an uber-secure operating system? Kaspersky said it cannot be based on existing computer code, and its kernel must contain no mistakes or vulnerabilities. The kernel itself must hold only a bare minimum of code; as much code as possible, drivers included, should run outside it, under the control of the core and with the lowest possible access rights. On top of that there needs to be a powerful and reliable protection system that supports different models of security.
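The design sketched above (a minimal core that mediates everything, drivers and other components kept outside it with the fewest rights, a protection system that can combine security models, and no way to run code that was not authorised in advance) is the classic reference-monitor pattern, and the same pattern is what makes the earlier "provable and testable" claim about undeclared activity plausible. The Python below is an added illustration of that pattern, not Kaspersky's code and not the design of its OS. Components load only if their image hash is on an allowlist, each component declares its permitted interactions up front, and every request is checked both against that declaration and against a simplified Biba integrity rule (no write from a lower-integrity component to a higher-integrity one). The component names, integrity levels, image bytes and requests are all constructed for the example.

```python
import hashlib
from dataclasses import dataclass

# Integrity levels, higher is more trusted (constructed for this example).
LEVELS = {"field_io": 1, "historian": 2, "control_logic": 3}


@dataclass(frozen=True)
class Component:
    name: str
    code: bytes          # stands in for the component's executable image
    declared: frozenset  # (target, operation) pairs listed in its manifest

    def digest(self) -> str:
        return hashlib.sha256(self.code).hexdigest()


class Denied(Exception):
    pass


class ReferenceMonitor:
    """The 'core': every load and every inter-component request goes through here."""

    def __init__(self, allowlist: dict):
        self.allowlist = allowlist  # name -> sha256 of the approved image
        self.loaded = {}
        self.audit = []

    def load(self, comp: Component) -> None:
        # Model 0: only code on the allowlist may run at all.
        if self.allowlist.get(comp.name) != comp.digest():
            self.audit.append(f"LOAD DENIED {comp.name}: not on allowlist")
            raise Denied(comp.name)
        self.loaded[comp.name] = comp
        self.audit.append(f"LOAD OK {comp.name}")

    def request(self, src: str, dst: str, op: str) -> bool:
        """Mediate one request; returns True only if every model permits it."""
        if src not in self.loaded or dst not in self.loaded:
            self.audit.append(f"DENY {src}->{dst} {op}: unknown component")
            return False
        # Model 1: the interaction must have been declared ahead of time,
        # so "behind-the-scenes" activity has nowhere to hide.
        if (dst, op) not in self.loaded[src].declared:
            self.audit.append(f"DENY {src}->{dst} {op}: undeclared")
            return False
        # Model 2: simplified Biba integrity, no write up.
        if op == "write" and LEVELS[src] < LEVELS[dst]:
            self.audit.append(f"DENY {src}->{dst} {op}: integrity write-up")
            return False
        self.audit.append(f"ALLOW {src}->{dst} {op}")
        return True


def sha(image: bytes) -> str:
    return hashlib.sha256(image).hexdigest()


APPROVED = {  # hashes of the constructed "release images"
    "control_logic": sha(b"control-logic-image-v1"),
    "historian": sha(b"historian-image-v1"),
    "field_io": sha(b"field-io-driver-v1"),
}


def build_monitor() -> ReferenceMonitor:
    rm = ReferenceMonitor(APPROVED)
    rm.load(Component("control_logic", b"control-logic-image-v1",
                      frozenset({("field_io", "read"), ("field_io", "write"),
                                 ("historian", "write")})))
    rm.load(Component("historian", b"historian-image-v1",
                      frozenset({("control_logic", "read")})))
    # The I/O driver declares a write to the controller; integrity still blocks it.
    rm.load(Component("field_io", b"field-io-driver-v1",
                      frozenset({("control_logic", "write")})))
    return rm


def run_demo() -> dict:
    rm = build_monitor()
    results = {
        "logic_writes_io": rm.request("control_logic", "field_io", "write"),
        "historian_reads_logic": rm.request("historian", "control_logic", "read"),
        "historian_writes_io": rm.request("historian", "field_io", "write"),  # undeclared
        "io_writes_logic": rm.request("field_io", "control_logic", "write"),  # write-up
    }
    try:  # a tampered historian image: same name, different hash
        rm.load(Component("historian", b"historian-image-v1-with-implant", frozenset()))
        results["tampered_load"] = True
    except Denied:
        results["tampered_load"] = False
    results["audit"] = rm.audit
    return results


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(key, value)
```

The decision logic in `request` is a few lines with no dependencies on the components it judges, which is the property that lets such a core be argued over and tested exhaustively, while every deny carries the reason it was refused so an operator can tell an undeclared interaction from an integrity violation.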