- Feb 7, 2023
- 2,355
Kaspersky has released Kaspersky OS, according to them, a micro-kernel, cyber-immune operating system. Its intended use is IoT and smart devices
os.kaspersky.com
os.kaspersky.com
Benefits of Micro-kernel
www.geeksforgeeks.org

Microkernel | KasperskyOS
The basis of KasperskyOS, developed from scratch at Kaspersky. Minimal attack surface and execution of only authorized system functions

KasperskyOS — cyber Immune approach to IT systems security
Kaspersky’s Cyber Immune operating system and solutions based on it for industry, smart cities, VDI, transport and other markets
Benefits of Micro-kernel

Microkernel in Operating Systems - GeeksforGeeks
A microkernel architecture minimizes the core operating system by running only essential services in kernel space, enhancing security and modularity while potentially impacting performance due to slower inter-process communication.

Advantages of Kaspersky Security System
![]()
Default Deny
Any interaction that isn't explicitly allowed by the security policy is blocked. The Default Deny principle underlies all secure solutions based on KasperskyOS.
![]()
Variety and flexibility of policies
The solution developers can combine many different models to create policies that best meet your security goals. The PSL language is designed to describe the security policy in terms of the solution itself.
![]()
Reliability of the generated code
The developer doesn't have to write code that implements the security policy. Instead, it's generated by a special compiler based on the PSL description. You can trust code generated on the basis of well-studied models.
![]()
Separation between security policies and business logic
The implementation of security policies is separated from the application code. As a result, they can be modified independently, thus significantly simplifying the work of app developers and solution architects.
Features of the technology
Kaspersky Security System is a monitor where the kernel sends all IPC messages to check them for compliance with the specified security policy. Moreover, the objects can access Kaspersky Security System directly using a special interface, which opens up additional opportunities for security architects.
To simplify policy creation, we developed a dedicated Policy Specification Language (PSL). The PSL syntax allows you to combine various security models in a single policy, including finite-state and timed automatons, TE (Type Enforcement), role-based access control (RBAC) models, and many others. You can also develop your own policy classes. At the same time, PSL is an expressive language where descriptions are developed in terms of the task.
The Policy Specification Language relieves developers of the need to write security policy implementation or configure the Kaspersky Security System manually. All you need to do is run a special compiler to optimize the Kaspersky Security System code for the selected task from the PSL description.