Skip to main content

KasperskyOS

Microkernel operating system for internet-enabled embedded systems with special cybersecurity requirements.
KasperskyOS is a microkernel-based operating system created from scratch by Kaspersky. Thanks to the principles underlying the OS architecture, it can be used as the basis for Cyber Immune solutions, which are inherently protected from the vast majority of cyberattacks.

  • Security – blocks all unauthorized activities
  • Reliability – guarantees execution of critical functions in any situation
  • Flexibility – allows solution configuration for specific needs
  • Transparency – enables strict control and easy auditing of system processes

Who can benefit from KasperskyOS?

We offer technology alliance partnerships to companies and institutions in the following industries:

Hardware platform manufacturers
Cloud Service Provider for Automotive Industry
Cloud providers of IoT and industrial IoT services
Developers of automotive software solutions based on AUTOSAR Adaptive Platform, ROS and other frameworks
Developers of apps for professional mobile devices
Developers of IoT software and solutions
Developers of software and applications embedded in virtual desktop solutions
Developers and integrators of vertical solutions for various industries
Propose your own idea for a joint solution

Main product lines

Our partners are already developing KasperskyOS-based solutions for the following product lines:

Kaspersky IoT Infrastructure Security

A solution for protecting internet of things (IoT), as well as connecting it to clouds, with secure gateways as its key elements.

Kaspersky Thin Client

Solution for building Cyber Immune thin client infrastructure with easy-to-manage centralized administration.
We are looking for the following technology partners: VDI vendors (especially the Citrix VDI); Video Conferencing System, Unified communications; USB-Tokens and USB-Smartcards; VPN solutions

Kaspersky Automotive Secure Gateway

Software for automotive ECUs that implements telematics and in-vehicle gateway functionality, capable of securely running third-party applications.

KasperskyOS SDK for IoT controllers

SDK for development of IoT controller software designed for routing and automation systems in smart city infrastructure and industrial systems

Why KasperskyOS?

Microkernel-based architecture
The KasperskyOS microkernel contains only about 100 thousand lines of code. The smaller the kernel size, the fewer potential vulnerabilities it has and the easier it is to formally verify.
Isolation
KasperskyOS-based IT system is divided into isolated security domains. The strict isolation of system components ensures operability in every situation: even if one of them is hacked, the OS will continue to perform its critical functions.
Control
All interactions of isolated components of KasperskyOS-based IT-system pass through Kaspersky Security System. It checks each interaction for compliance with security policies, and if it doesn’t comply, it’s blocked.
Security by design
Cyber Immunity is Kaspersky’s approach and methodology for developing secure-by-design IT systems. A Cyber Immune IT solution has inbuilt protection against most types of cyberattacks, rendering them useless and unprofitable.
Flexible policy configuration
The solution developers can combine many different models to create policies that best meet your security goals. The PSL language is designed to describe the security policy in terms of the solution itself.
Proprietary microkernel
KasperskyOS was built from scratch by Kaspersky. The KasperskyOS proprietary microkernel was developed internally and is not based on any already existing project (Linux or otherwise).
Default deny
Any interaction that isn’t explicitly allowed by the security policy is blocked. The Default Deny principle underlies all secure solutions based on KasperskyOS.
No additional security tools needed
KasperskyOS-based Cyber Immune products don’t need to be supplemented with superimposed protection means. Its architecture prevents an intruder from interfering with the system even if a component has been compromised.