Kaspersky Lab's own Eugene Kaspersky confirmed on Tuesday that the security firm wants to protect the world's critical infrastructure by developing its own "secure" operating system.
According to Kaspersky's blog, the new pared-down OS is targeting key computer systems used in transportation control facilities, nuclear power stations, and other "critically important" installations. The new OS will be less vulnerable to attack from malicious programs like Stuxnet, Kaspersky said.
"Our system is highly tailored, developed for solving a specific narrow task, and not intended for playing Half-Life on, editing your vacation videos, or blathering on social media," Kaspersky said. "We’re working on methods of writing software which by design won’t be able to carry out any behind-the-scenes, undeclared activity."
This is the important bit, he said, the impossibility of executing third-party code, or of breaking into the system or running unauthorized applications on Kaspersky's OS. "This is both provable and testable," he added.
Kaspersky is targeting industrial IT systems because unlike a corporate file server used in the typical company network, industrial systems can't be disrupted when a Trojan is detected and needs to be isolated. These systems must maintain constant operation "come hell or high water" – uninterrupted continuity of production is of paramount importance.
"Another challenge to securing an 'always on' environment arises due to software at an industrial/infrastructural installation only being updated after a thorough check for fault-tolerance – so as to make sure not to interrupt the working processes," he explained. "And because such a check requires loads of effort (yet still doesn’t provide a guarantee of non-failure) many companies often simply don’t bother to update ICS at all – leaving it unchanged for decades."
Kaspersky goes on to list a few examples of why a secure OS needs to be developed including the direct attack on SCADA systems in Australia back in 2000, and a hole that was discovered in RuggedCom industrial routers. This hole permitted any average user to simply increase his/her access rights up to administrator level and gain control over the device.
So how does one create an uber-secure operating system? Kaspersky said it can't be based on existing computer code, and it can't contain mistakes or vulnerabilities in the kernel. The kernel itself must also contain a very bare minimum of code – the maximum possible quantity of code, including drivers, needs to be controlled by the core and be executed with low-level access rights. There also needs to be a powerful and reliable system of protection that supports different models of security.
Stay on the Cutting Edge
Join the experts who read Tom's Hardware for the inside track on enthusiast PC tech news — and have for over 25 years. We'll send breaking news and in-depth reviews of CPUs, GPUs, AI, maker hardware and more straight to your inbox.
Interesting news.. I would enjoy that new "secure" OS to be put to the test once is out to see if it's actually possible to secure it to Buffer Overflows and other attacks from the network.Reply
Nice. When i read name of the article i thought of another linux distribution marketed as "NEW" OS.Reply
even windows 95 is the most secure os if its not connected to the internet.Reply
Another OS is just what the world needs.Reply
What the world needs now.
I see a bunch of marketing hype in the articles (the Kaspersky articles) not much else. Let's see what they come up with, but I'm willing to bet it'll be a Unix derivative of one form or another.Reply
I wouldn't trust it, might be a Russian Intelligence link.Reply
If its not open source then there will no way to confirm these claims.Reply
This could potentially become bigger than they expected. I like the idea, more competition!Reply
yes what the world needs now is another distribution of linuxReply
oh brother. what curse have the god set upon the linux folks, what flaw, that they all need their own different distribution.
dont we have enough distributions already, surely more than baskin-robbin flavors
enough already! if you ever going to win you have to learn to work together and stop acting like the world is coming to an end in the tower of babble
can you still call it an OS?Reply