Kaspersky Lab Developing Its Own Operating System? We Confirm the Rumors, and End the Speculation!

Hi all!

Today I’d like to talk about the future. About a not-so-glamorous future of mass cyber-attacks on things like nuclear power stations, energy supply and transportation control facilities, financial and telecommunications systems, and all the other installations deemed “critically important”. Or you could think back to Die Hard 4 – where an attack on infrastructure plunged pretty much the whole country into chaos.

Alas, John McClane isn’t around to solve the problem of vulnerable industrial systems, and even if he were – his usual methods of choice wouldn’t work. So it comes down to KL to save the world, naturally! We’re developing a secure operating system for protecting key information systems (industrial control systems (ICS)) used in industry/infrastructure. Quite a few rumors about this project have appeared already on the Internet, so I guess it’s time to lift the curtain (a little) on our secret project and let you know (a bit) about what’s really going on.

Operating System Code

But first – a little bit of background about vulnerable industrial systems, and why the world really needs this new and completely different approach of ours.

The Defenselessness of Industrial Systems

Though industrial IT systems and, say, typical office computer networks might seem similar in many ways, they are actually completely different beasts – mostly in terms of their priorities between security and usability. In your average company, one of the most important things is confidentiality of data, and IT administrators are encouraged to isolate infected systems from non-infected systems to that end, among others. Thus, for example, if on the corporate file server a Trojan is detected, the simplest thing to do is disconnect the infected system from the network and then later start to tackle the problem.

In industrial systems that can’t be done, since here the highest priority for them is maintaining constant operation come hell or high water. Uninterrupted continuity of production is of paramount importance at any industrial object in the world; security is relegated to second place.

Another challenge to securing an “always on” environment arises due to software at an industrial/infrastructural installation only being updated after a thorough check for fault-tolerance – so as to make sure not to interrupt the working processes. And because such a check requires loads of effort (yet still doesn’t provide a guarantee of non-failure) many companies often simply don’t bother to update ICS at all – leaving it unchanged for decades. Updating software might even be expressly forbidden by an industrial/infrastructural organization’s safety policy. Just recently I read a nice piece about this, which listed 11 ICS security rules; rule #1 is “Do not touch. Ever.” What more of an illustration do you need?!

Still, even if the possibility to update software and patch up “holes” does exist, this doesn’t always help much. Manufacturers of specialized software aren’t interested in constant source code analysis and patching holes. As experience has shown, corners (costs) are normally cut on this kind of activity, and patches are released only if a certain exploit has been found and put on the Internet. In fairness, this is true for common, garden variety software, not just specialized software; still, today we’re talking about specifically industrial software.

The problem consists in the following: the vulnerability of control software, programmed controllers, and industrial communication networks leads to operators of industrial/ infrastructural systems not actually having the ability to receive reliable information about the systems’ total operation!Theoretically a situation is possible where, let’s say, a system for distributing electricity is attacked, as a result of which somewhere at a distant installation the other side of the country a breakdown occurs. But the control center doesn’t know anything about it: the attackers have sent to its computers false data.

Examples

You don’t need to look far to find examples of this actually happening in real life. The first method used – an example of cyber-sabotage at its potentially most dangerous – was in a direct attack on SCADA systems as far back as the year 2000 in Australia. An employee of a third-party contractor who was working on the control systems of Maroochy Shire Council carried out 46 (!) attacks on its control system, which caused the pumps to stop working or work not as they should have. No one could understand what was happening, since the communication channels inside the system had been breached and the information traveling along them distorted. Only after months did companies and the authorities manage to work out what had happened. It turned out that the worker really wanted to get a job at the sewage firm, was rejected, and so decided to flood a huge area of Queensland with sewage!

There are plenty of other such examples; they’re just not reported in the media. After all, victim companies are generally not too keen on letting the whole world know their systems have been compromised. (Public interest issues abound, but I’ll save those for another day and another post…) And in many incidents even the victims themselves don’t know they’ve been attacked. Not long ago a hole was found in RuggedCom industrial routers that permitted any average user to simply increase his/her access rights up to administrator level and gain control over the device. By who, when, how, and where else the hole could have been exploited can only be guessed at. Plus how many similar holes exist and are possibly being exploited in secret – we can only guess at.

For a bit of personal-development I recommend reading about attacks on ICS that succeeded in fulfilling their missions – here, here and here.

So who else – apart from blackmailers, disgruntled job applicants, etc. – might get access to the source code of ICS software, controllers, operating systems and the like? Of course there are the respective government and industry authorities – namely those with a department that certifies software for critically important systems. But in recent years there have been departments created for developing cyber-weapons used for attacking opponents’ systems, whomever they may be – perhaps commercial competitors, but more likely other countries in general.

I mean things like Stuxnet and the subsequent Duqu, Flame and Gauss – malware so vastly complex that it’s clear it was developed with the support of nation states. And it doesn’t really matter who’s being targeted at present; what matters is that such cyber-weapons are being developed and deployed at all. And once Pandora’s Box is open, there’s no way of getting it closed again. The building up of armaments for attacks on the industrial systems and infrastructure of enemies sooner or later will affect us all. So it turns out that the biggest threat to the planet today comes not from the regular cyber-riff-raff, and not even from organized cyber-criminals, but from nation state-backed creators of cyber-weapons.

Protection Today: Alas, Not Effective

At the same time as arming themselves, both infrastructure companies and various government authorities aren’t forgetting about protection. Indeed, they started protecting themselves long ago. But how do they actually go about it?

There are really just two methods. The first – isolating critically important objects: disconnecting them from the Internet, or physical isolation from the outside world in some other way. However, as experience has shown, if a technician during the night shift wants to watch films from an infected USB stick on the control computer – nothing’s going to stop him (we have working methods for blocking such activity, but I won’t go into that here).

Second – keeping secrets. Collective and large-scale attempts to keep secret everything and anything. Developers of ICS keep the source code secret, owners of factories and infrastructure place a “SECRET” stamp on the schematics of information and control systems, the types of used software are kept secret, and so on. However, at the same time, information about vulnerabilities in, for example, the majority of popular SCADA systems, is freely available on the Internet. And if we dig deeper we find that for several years already the SHODAN search engine has been up and running – designed for, among other things, seeking out vulnerable industrial systems (including SCADA), whose owners decide to connect them to – or forgot to disconnect them from – the Internet.

SHODAN Map

In parallel, specialists at industrial/infrastructure organizations also apply traditional methods of protection of vulnerable software and operating systems through control over program behavior and also over actions of users. But a 100% guarantee of protection can’t be provided, again because of vulnerability-by-default in the software doing the controlling. But for critical infrastructure a guarantee is what is needed most of all.

Protection as It Should Be

Ideally, all ICS software would need to be rewritten, incorporating all the security technologies available and taking into account the new realities of cyber-attacks. Alas, such a colossal effort coupled with the huge investments that would be required in testing and fine-tuning would still not guarantee sufficiently stable operation of systems.

But there is fully realizable alternative: a secure operating system, one onto which ICS can be installed, and which could be built into the existing infrastructure – controlling “healthy” existing systems and guaranteeing the receipt of reliable data reports on the systems’ operation.

First I’ll answer the most obvious question: how will it be possible for KL to create a secure OS if no one at Microsoft, Apple, or the open source community has been able to fully secure their respective operating systems? It’s all quite simple really.

First: our system is highly tailored, developed for solving a specific narrow task, and not intended for playing Half-Life on, editing your vacation videos, or blathering on social media. Second: we’re working on methods of writing software which by design won’t be able to carry out any behind-the-scenes, undeclared activity. This is the important bit: the impossibility of executing third-party code, or of breaking into the system or running unauthorized applications on our OS; and this is both provable and testable.

More details about the system, its requirements and background to its development you can read here.

In closing, in anticipation of the multitude of questions from colleagues, partners, media and simply curious folks, a few basics: the development is a truly secure environment. It’s a sophisticated project, and almost impracticable without active interaction with ICS operators and vendors. We can’t reveal many details of the project now because of the confidentiality of such cooperation. And we don’t want to talk about some stuff so competitors won’t jump on our ideas and nick the know-how. And then there are some details that will remain for certain customers’ eyes only forever, to ward off cyber-terrorist abuses. But as soon as any possibilities do appear, we’ll tell you all we can about the project in more detail.

Till next time!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>


  1. Well played, the panic inducing reference to disaster movies at the beginning. Politicains like that – Still, you fail to answer the obvious question: why starting from scratch (oh so many have tried and most of them failed!) rather than throwing the force behind hardening some existing OS instead? So excuse me but I’m rather unimpressed.


    • There are multiple companies such as Greenhills and Wind River that have been doing this for more than ten years. They have products that can be used as a secure OS and/or a secure hypervisor. The products exist today, have military (DO-178B) and security (NSA) certifications. A new company starting from scratch, learning all the hard lessons again, Yawn….


  2. Love it! But from a business point of view, would not this force the companies to “TRUST” the K-OS (M$ has already done that and everyone knows the results)? I dont deny the credibility of K-Labs. But thinking on this, the businesses would be “forced” to persue the K-services. The freedom of choice exists but it might cost them a fortune to migrate( incase the companies choose to). Moreover the idea of flame/stux like highly sophisticated wepaons residing inside the os might discourage the popularity. Nonetheless, any new os is always exciting. Waiting anxiously for more details!


  3. Interesting idea, but looks like embedded OS with minimal compatibility, at the same time, alot of software needs dependencies and frameworks to run, and those usually have the “holes”, but good luck on that one!

  4. Pingback: Η Kaspersky Lab επιβεβαιώνει της φήμες ότι αναπτύσει δικό της λειτουργικό σύστημα

  5. Pingback: Eugene Kaspersky Unveils Plans for New Secure SCADA OS | SICK Sensor Vietnam - SICK Vietnam - SICK Việt Nam - SICK Sensor Việt Nam-AUMI-Đại diện SICK Sensor Việt Nam

  6. Pingback: Η Kaspersky Lab επιβεβαιώνει τις φήμες ότι αναπτύσει δικό της λειτουργικό σύστημα | ITComputerRoom


  7. Dear Eugene,

    that’s good news, and of course I’m curious about the details.

    Do you also consider techniques employed in KeyKOS , its successor EROS-OS and its respective successor KapROS ? All limit the transitivity of trust by means of their capability based design.

    I question, however, two of the statements quoted from you linked to:
    “* The operating system can’t be based on existing computer code; therefore, it must be written from scratch.
    * To achieve a guarantee of security it must contain no mistakes or vulnerabilities whatsoever in the kernel, which controls the rest of the modules of the system. As a result, the core must be 100% verified as not permitting vulnerabilities or dual-purpose code.”

    The first point might work given you have that much resources – but still getting it work reliably and securely will cost a fortune even if it’s only a microkernel we are talking about.

    More fundamentally, I consider the second point almost impossible. There are only a few ways out:
    1. Using a limited language that allows for mathematical proofs of the code.
    2. Building in fences that try to contain the faults built inside the code from spreading. So try to even let faulty code not become visible by means of failures. This is a principle described with reliability in mind in Robert S. Hanmers book.

    Yours,
    Pia

  8. Pingback: Kaspersky Lab revelou planos para lançar seu próprio sistema operacional (muito mais seguro) | Limbotech

  9. Pingback: Kaspersky builds its own antimalware OS — but not for you | WestPenn Journal

  10. Pingback: Curator » Kaspersky builds its own antimalware OS — but not for you

  11. Pingback: Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare | allcom.se

  12. Pingback: Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare | The Worlds Tech Blog

  13. Pingback: Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare ← techtings

  14. Pingback: Kaspersky trabaja en un sistema operativo seguro para aplicaciones industriales

  15. Pingback: Rumor: Kaspersky está criando seu próprio O.S | DayvsonTI

  16. Pingback: Kaspersky trabaja en un sistema operativo seguro para aplicaciones industriales | El Tenanpa

  17. Pingback: Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare | Appyummy

  18. Pingback: Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare | |

  19. Pingback: Rob’s Radar 10/16 | Robert Croak

  20. Pingback: Kaspersky trabaja en un sistema operativo seguro para aplicaciones industriales - La Isla Buscada Noticias

  21. Pingback: Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare | Project Konnect

  22. Pingback: Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare : Lenned

  23. Pingback: ¿Está Kaspersky Lab desarollando su propio sistema operativo?

  24. Pingback: Kaspersky desarrolla nuevo Sistema Operativo - Marcianos

  25. Pingback: Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare | tekifeed.com – Gadget Feeds, Gadget News and more!

  26. Pingback: Kaspersky Labs trabaja en su propio sistema operativo como trinchera contra ciberataques industriales y nacionales ← Blog DesignMulticolor

  27. Pingback: Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare | Eric Glasser

  28. Pingback: Kaspersky trabaja en un sistema operativo seguro para aplicaciones industriales | El Correo

  29. Pingback: Industrieanlagen: Kaspersky will SCADA-Systeme sicher machen | Edv-Sicherheitskonzepte.de – News Blog aus vielen Bereichen

  30. Pingback: Kaspersky desenvolve sistema operacional

  31. Pingback: News › Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare

  32. Pingback: ste williams » Kaspersky Lab to create new OS ‘to save the world’

  33. Pingback: Acabou o mistério. Fãs de Kaspersky podem comemorar! | Sem Bugs

  34. Pingback: Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare | SP1RACY - All things tech & more

  35. Pingback: Kaspersky Lab to create new OS ‘to save the world’ | Brad Dickinson

  36. Pingback: Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare

  37. Pingback: An Operating System for the Cyber War Era - Tech Talk | Tech Talk

  38. Pingback: » Blog Archive » Kaspersky desenvolve sistema operacional

  39. Pingback: Kaspersky vai criar seu próprio sistema operacional super seguro voltado para empresas | Micro Ploft

  40. Pingback: Kaspersky trabaja en un sistema operativo seguro para aplicaciones industriales « BlackBerry Warez | Blog

  41. Pingback: Kaspersky desenvolve sistema operacional | Geekedy

  42. Pingback: Kaspersky works in a secure operating system for industrial applications | Tech Crash

  43. Pingback: Kaspersky Labs builds new OS to combat Stuxnet, major exploits | Technology News

  44. Pingback: .:[ d4 n3wS ]:. » Kaspersky OS

  45. Pingback: Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare | Techno Gadget Feed

  46. Pingback: Kaspersky Lab Developing Its Own Operating System | Robert Accettura's Fun With Wordage

  47. Pingback: Kaspersky reveals plans to launch their own operating system, claims it will be more secure than Apple or Microsoft | 1v8 NET

  48. Pingback: 스턱스넷을 막아라…카스퍼스키, 독자 OS 개발 추진 | Tech IT! | All about IT Trend

  49. Pingback: Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare | eMagility :: defining mobile agility

  50. Pingback: perantiNET Kaspersky Lab sedang kembangkan sistem operasi baru » perantiNET

  51. Pingback: Archiwum Dane firm na celowniku miniFlame. Skuteczną ochronę zapewni dopiero Kaspersky OS?

  52. Pingback: Anonymous

  53. Pingback: Kaspersky entwickelt eigenes Betriebssystem | ZDNet.de

  54. Pingback: » Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare Gamez Menu

  55. Pingback: Kaspersky Lab developing secure OS for industrial control systems | LIVE HACKING

  56. Pingback: Kaspersky arbeitet an eigenem Betriebssystem |silicon.de

  57. Pingback: Kaspersky Lab plantea su propio sistema operativo de alta seguridad « Francisco Unica

  58. Pingback: Kaspersky Lab plantea su propio sistema operativo de alta seguridad : CarWarez

  59. Pingback: Kaspersky développe son OS sécurisé | Korben

  60. Pingback: Kaspersky Lab arbeitet an einem sicheren Betriebssystem für Industrieanlagen | IT-News

  61. Pingback: 1081009 | Kaspersky ประกาศทำระบบปฏิบัติการ ช่วยป้องกันซอฟต์แวร์ภาคอุตสาหกรรม | ร้อยแปดพันเก้า.com 1081009

  62. Pingback: Kaspersky Lab plantea su propio sistema operativo de alta seguridad

  63. Pingback: Kaspersky Lab is building ‘unhackable’ OS for industrial control systems | COLLABGENIES

  64. Pingback: Kaspersky kritik bilgi sistemlerini korumak adına işletim sistemi geliştiriyor

  65. Pingback: Kaspersky lanzará un sistema operativo con seguridad reforzada

  66. Pingback: [Kurzinfo] Kaspersky entwickelt eigenes Betriebssystem…für die Industrie | Beatmasters WinLite Blog

  67. Pingback: Kaspersky lanzará un sistema operativo : TuSoft

  68. Pingback: 30310012 - Kaspersky Labs builds new OS to combat Stuxnet, major exploits

  69. Pingback: » Blog Archive » Kaspersky Lab plantea su propio sistema operativo de alta seguridad

  70. Pingback: Kaspersky Hopes to “Save The World” With New, Ultra-Secure OS | SiliconANGLE

  71. Pingback: Anonymous

  72. Pingback: Kaspersky Lab desarrollará su propio sistema operativo

  73. Pingback: Kaspersky Lab está desarrollando un sistema operativo orientado a la industria | Gigle.net

  74. Pingback: Kaspersky Lab vyvíjí vlastní operační systém | IT MooV.eu

  75. Pingback: Kaspersky Lab Is Working On A Super Secure OS | The Tech Journal

  76. Pingback: Today’s Links October 17, 2012

  77. Pingback: Kaspersky Kendi İşletim Sistemini Geliştiriyor | Webesen.com

  78. Pingback: Kaspersky, un OS per salvare il mondo | infropy - information entropy

  79. Pingback: Kaspersky vuole realizzare un sistema operativo ad alta sicurezza

  80. Pingback: Kaspersky Lab plantea su propio sistema operativo de alta seguridad | TecnoApps.net

  81. Pingback: Russian Anti-Virus Firm Plans Secure Operating System to Combat Stuxnet - Gadsit Buzz


  82. Reblogged this on thewordpressghost and commented:
    Everyone,

    I know you have already read this some where else in the news.

    OK, you and I know you haven’t, because the news is not very great anymore.

    Kaspersky committed to building a secure OS from scratch.

    One of the best anti-virus companies is taking it to the next level. I think that this is great news?

    What do you think?

    Ghost.

  83. Pingback: Eugene Kaspersky: “La escalada en la ciberguerra es una llamada a la acción” | PCFORMAT MX

  84. Pingback: Kaspersky prepara su propio sistema operativo

  85. Pingback: Kaspersky está desarrollando un sistema operativo 100% seguro para control industrial


  86. Secure OS is great. But still it is running on a hardware which is not secure. So, Complement this effort, need to make sure that OS is executed in plaforms supported with Hardware Security Module.

  87. Pingback: Kaspersky développe son OS sécurisé

  88. Pingback: Kaspersky Lab está desenvolvendo um sistema operacional próprio

  89. Pingback: カスペルスキー、産業用システム向けのセキュアなOSを開発へ[#cbajp] | CBA – Cloud News Japan

  90. Pingback: Russian Firm Works to Prevent ‘Die Hard’ Cyberattacks | SICK Sensor Vietnam - SICK Vietnam - SICK Việt Nam - SICK Sensor Việt Nam-AUMI-Đại diện SICK Sensor Việt Nam

  91. Pingback: Kaspersky Lab plantea su propio sistema operativo de alta seguridad | The Last Blog

  92. Pingback: Kaspersky Lab Developing Secure Operating System for SCADA | Media GeniusHackers

  93. Pingback: The Secure Operating System Equation | SICK Sensor Vietnam - SICK Vietnam - SICK Việt Nam - SICK Sensor Việt Nam-AUMI-Đại diện SICK Sensor Việt Nam

  94. Pingback: Kaspersky Kembangkan OS untuk Lindungi Sistem Informasi Penting | Indonesian Geeks Portal

  95. Pingback: Ciberguerra: una llamada a la acción

  96. Pingback: Nuovo sistema operativo sicuro da Kaspersky | Multimedia | Digital.it

  97. Pingback: Kaspersky Lab está desenvolvendo um sistema operacional próprio « Blog do Luiz Antonio Silva

  98. Pingback: Kaspersky Lab Developing Its Own Secure Operating System | The Techi News - Latest technology news websites, mobile technology news, technology news uk, Computing Technology News Gadget news


  99. We all live in Cyber war EK has the plan to protect U 6. ; to every one reading this will be in steps to protect your wallet U identify issues Kaspersky institute runs to clean the threats & people it never ends so the War on hackers & rogue Governments. Protection
    Is 24 /7 issue folks.

  100. Pingback: Kaspersky تكشف عن نظام تشغيل جديد آمن موجه للقطاع الصناعي يحد من الهجمات الأمنية | المجلة التقنية

  101. Pingback: Kaspersky Lab announces a brand-new OS focused on security | CELL and COMPUTER

  102. Pingback: Kaspersky développe son propre OS pour sécuriser les Scada | LeMagIT

  103. Pingback: Kaspersky Lab announces a brand-new OS focused on security | Printing Service Ft Myers

  104. Pingback: Kaspersky secure operating system in production « seCURE Connexion


  105. Noble effort, perhaps, but where does this flawless secure OS reside? Does it replace proprietary software managing the scan cycle on the PLC’s or Unix on data historians or Windows on all the engineering work stations, PC-based HMI’s and monitoring and management systems, or onsupport workstations? What about control servers and routers and RTU’s on the SCADA network? And…

    There is neither a single hardware platform nor a common OS in the complex, custom-tailored world of ICS software. I’m skeptical that this approach can work even if the OS can be built. And this is to say nothing of the enormous diversity of the marketing target, where every plant and factory is a one-off, custom-designed, hand-configured installation. This is not the desktop world–not even close.

    What is right about this approach is the recognition that the vulnerabilities in ICS’s are built into the very structure of how the systems are designed and built, from the PLC hardware modules to the ladder logic in the control application, all the way to the HMI. The problems will not be made to go away by a patchwork of partial solutions, by fresh layers of signature-based and behavioral barricades or ad hoc plugs filling up holes that should not have been there in the first place.

    As I said at EST 2012 in Lisbon, these problems are architectural and will require architectural solutions. Whether a new OS will help much remains to be seen, but I certainly wish my colleagues at KL good luck in their pursuit.

    –Prof. Larry Constantine (Lior Samson)


    • Dear Larry,

      > The problems will not be made to go away by a patchwork
      > of partial solutions, by fresh layers of signature-based
      > and behavioral barricades or ad hoc plugs filling up holes
      > that should not have been there in the first place.

      I agree with you. What I have meant with “fences” has been limited to a certain context: If a fault already became visible in terms of a failure, in my opinion you have to change the code to fix the fault and change the process (e.g. improve education) to fix the error to help preventing the same fault happening again. Building in fences instead only adds to the complexity, and the fences or barriers probably add their own faults to the overall system. The situation I meant, however, was the case that you do not know the faults yet, but must assume that there are faults simply because human beings are limited. Too much self-confidence or testosterone is dangerous – therefore one should contain the faults one does not know about yet. Or – as others and I have said – use mathematically provable programming languages.

      Yours,
      Pia


      • I think we are in agreement about the need for proactive rather than merely reactive approaches to industrial security. In this theater, the conventional route of responding after vulnerabilities are discovered as zero-day exploits could mean first waiting for a major portion of some power grid be taken down or a chemical plant to be reduced to rubble and then figuring out how it could/should have been prevented.

        I was talking with ICS security expert Ralph Langner yesterday. We agreed that the biggest barriers to enhancing industrial cyber-security are not so much technical–formidable though those may be–as financial. In the absence of government mandates there are no economic incentives for operators to improve ICS security. The large investment has no near-term payoff; it is costly and it complicates already complex systems. Until the industrial equivalent of the Twin Towers, we are not likely to see great strides forward in terms of protecting critical infrastructure from cyber-attacks. Even then, it would not be too surprising if most of the effort went into initiatives analogous to airport security–showplace charades more about public reassurance.through the illusion of security than about the reality.

        –Prof. Larry Constantine

  106. Pingback: Kaspersky Lab announces a brand-new OS focused on security | Tux Doc

  107. Pingback: Kaspersky, kendi işletim sisteminin hazırlığı içinde | Teknoloji Portalı

  108. Pingback: Kaspersky Lab Announces a Brand New OS Focused on Security

  109. Pingback: RedesWEB.com » Sistema operativo 11.11 de Kaspersky Lab

  110. Pingback: Kaspersky irá desenvolver SO seguro para controle industrial | Web Developer IT

  111. Pingback: 卡巴斯基实验室规划新操作系统 | S9Tech

  112. Pingback: Kaspersky prépare un système d’exploitation hypersécurisé « Vincent ARSENE – Blog

  113. Pingback: [Software] K-OS: Antivirenexperte Kaspersky baut eigenes Betriebssystem | TechFieber | Smart Tech News. Hot Gadgets.

  114. Pingback: Kaspersky تكشف عن نظام تشغيل جديد آمن موجه للقطاع الصناعي يحد من الهجمات الأمنية | شبكة أفدنـي إستفد وأفد غيرك

  115. Pingback: Kaspersky, kendi işletim sisteminin hazırlığı içinde | Bedava İzle, Yükle, Download, Resim İndir

  116. Pingback: IT Digest: Apple’s iPad Mini, Gmail Search, Surface by Microsoft and Much More | Zfort Group Blog

  117. Pingback: Kaspersky Labs to develop a Secure OS - KabayanTech

  118. Pingback: Philippines news: Kaspersky making its own operating system | Pinas news library

  119. Pingback: SCADA Security Friday News & Notes for 19 Oct 2012

  120. Pingback: Kaspersky un sistem de operare - |

  121. Pingback: Kaspersky promises the impossible: A fully secure OS | SICK Sensor Vietnam - SICK Vietnam - SICK Việt Nam - SICK Sensor Việt Nam-AUMI-Đại diện SICK Sensor Việt Nam

  122. Pingback: Kaspersky's exploit-proof OS leaves security experts skeptical | On wide-area, cooperative network emulators


  123. A secure OS written in C is doomed to fail. You need to enrich the language and the runtime to provide automatic bounds checking and also prevent the programmer from allocating/deallocating memory manually. And this is just the start.

    (of course the memory manager still need to have unbounded access to memory. but it should be the only part of the system with this much privilege).

    Using this approach will allow you to run code safely on architecture without an MMU, because you move the problem into the compiler: thus if you can prove your compiler creates safe code (ie. there is no escaping bounds checking) then you win, and you don’t have to prove the whole code base. However I’m not touching here the reliability issue, ie. what to do when code crashes.

  124. Pingback: Kaspersky met au point un OS sécurisé pour le contrôle industriel | Univers jeunesse

  125. Pingback: La escalada en la ciberguerra es una llamada a la accion | Enterese.Net

  126. Pingback: Visto nel Web – 49 « Ok, panico

  127. Pingback: [fwd] 卡巴斯基開發自有安全作業系統 | visual's blog

  128. Pingback: Eugene Kaspersky: “La escalada en la ciberguerra es una llamada a la acción” | Computerworld Venezuela

  129. Pingback: Kaspersky’s exploit-proof OS leaves security experts skeptical | Printing Service Ft Myers

  130. Pingback: Kaspersky’s exploit-proof OS leaves security experts skeptical | CELL and COMPUTER

  131. Pingback: Kaspersky’s exploit-proof OS leaves security experts skeptical | how to get the most from your gaming console

  132. Pingback: Kaspersky’s exploit-proof OS leaves security experts skeptical » Nottingham PC Repair

  133. Pingback: Kaspersky’s exploit-proof OS leaves security experts skeptical « Breaking News « Theory Report

  134. Pingback: Kaspersky’s exploit-proof OS leaves security experts skeptical | Tux Doc

  135. Pingback: Kaspersky’s exploit-proof OS leaves security experts skeptical | Random tech stuff

  136. Pingback: Russia: Kaspersky AV company is Developing Its Own Operating System « ClearSky Cyberdefense Forum

  137. Pingback: Kaspersky's exploit-proof OS leaves security experts skeptical - Quick Download free stuff - Quick Download

  138. Pingback: Kaspersky's exploit-proof OS leaves security experts skeptical - itcenter-bg.com | itcenter-bg.com

  139. Pingback: Kaspersky Lab Developing Secure OS for Industrial Control Systems - Computing

  140. Pingback: Kaspersky Lab Developing Secure OS for Industrial Control Systems | TechContentWatch

  141. Pingback: Kaspersky irá desenvolver SO seguro para controle industrial | Programa Ctrl Alt Del

  142. Pingback: K-OS: η Kaspersky φτιάχνει το δικό της λειτουργικό

  143. Pingback: کسپرسکی سیستم‌عامل اختصاصی خود را می‌سازد

  144. Pingback: Liquidmatrix Security Digest Podcast - Episode 13 - Liquidmatrix Security Digest

  145. Pingback: | Computerworld Venezuela

  146. Pingback: Handy PC Repair – – – – – – – – – – – – – – – – – – (661) 368-5111 » Kaspersky Labs preps its own OS to guard vital industry against cyberwar

  147. Pingback: Kaspersky Lab plantea su propio sistema operativo de alta seguridad | Blog Serinfo

  148. Pingback: Mark's Tech Tock » Blog Archive » Protecting Infrastructure from Hacking

  149. Pingback: Industrial Internet links: NYC Data Week sensors, industrial Internet in transportation, and more - O'Reilly Radar

  150. Pingback: Securing Mother-SCADA. | Nota Bene | Nota Bene

  151. Pingback: Kaspersky Lab seeks to develop operating system for industrial systems by John D Carmack | Inside Business 360

  152. Pingback: Four short links: 24 October 2012 - O'Reilly Radar

  153. Pingback: Kaspersky Lab Developing Secure Operating System for SCADA | My great WordPress blog

  154. Pingback: Anti-virus firm Kaspersky Lab developing 'secure' operating system for industry and infrastructure | ITProPortalITProPortal.com