Google announced KataOS, an exploration of a new secure operating system for embedded systems on the open source RISC-V chip.
Google’s KataOS is written “almost entirely in Rust”, the programming language that has been Android open source project and Linux Kernel Project.
“KataOS is also implemented almost entirely in Rustprovides a strong starting point for software security, as it eliminates entire classes of errors, such as one-on-one failures and buffer overflows,” Google’s open source team explainedis building intelligent ambient machine learning (AmbiML) systems.
Also: These three tech skills can help fend off a downturn in your career, bosses say
The projects GitHub Pages emphasizes that KataOS and its automotive project name, Sparrow, are “definitely a work in progress”. Sparrow is a reference implementation of KataOS.
“Our team in Google Research set out to tackle this problem by building a provably secure platform optimized for embedded devices running ML applications. This is a project. The ongoing project has a lot of work to do, but we are happy to share some early details and invite others to collaborate on the platform so that we can all build a smart environmental system. built-in security by default,” said Google.
The operating system is not for desktops or smartphones but for the Internet of Things, possibly for smart homes.
The goal is to build verifiable secure systems for embedded hardware or edge devices like networked cameras used to capture images that are processed on-device or in the cloud for machine learning.
“If the devices around us can’t be mathematically proven to keep data safe, then the personally identifiable data they collect – such as people’s pictures and audio recordings their voice – can be accessed by malware,” notes the AmbiML team, who adds that security is usually addressed at the end.
The operating system is being built with the new “security priority” microchannel sel4. It is open source but not based on Linux and not related to Google Fuchsia OS.
Data61, the digital arm of Australian research agency CSIRO, publish sel4 in 2020 as a mathematically proven error-free, correct kernel. Linux Foundation selL4 Foundation.
“As the foundation for this new operating system, we chose seL4 as a microchannel because it puts security first and foremost; it is mathematically proven to be secure, with guaranteed security, integrity, and availability,” explains Google.
“Through the seL4 CAmkES framework, we are also able to provide statically identifiable and analyzable system components. KataOS provides a verifiable secure platform that protects user privacy because applications cannot logically violate the hardware security measures of the kernel and system components are secured in a verifiable manner.”
Also: The Smart Home Challenge: What Amazon’s Device Strategy Really Is
Although this is an early stage project, the GitHub repository has Rust-based sel4-sys Crate add-ons that provide seL4 syscall application programming interfaces. It also has a rootserver written in Rust – for system-wide dynamic memory management – and customizations for seL4 to reclaim the memory used by the rootserver. It also allows debugging.
The purpose is to support RISC-V architecture chipreceiving soon interest from NASAIntel and others.
“Sparrow includes a reasonably secure trust root built with OpenTitan on the RISC-V architecture. However, for our first release, we are targeting a more standard 64-bit ARM platform that runs in emulation with QEMU,” noted Google.
What happens to KataOS remains to be seen. Google launched the Fuchsia operating system a few years ago and it also targets IoT. It was runs on Google-made devices like the Nest Hub but, as 9to5Google notesFuchsia’s latest developments suggest that Google wants to expand it from smarthome devices to a more versatile operating system.
