After 14 years of development, Kaspersky Lab, the company notorious for its anti-virus software among others, finally completed building a secure operating system of their own.
According to Eugene Kaspersky, CEO and founder of Kaspersky Lab, last week the company marked a special day “when the first commercially available mass market hardware device based [on] our own secure operating system landed on my desk.”
The device Eugene referring to is a layer 3 switch, a device similar in functionality to an Internet router only it operates a bit differently, is the first to run Kaspersky OS as its operating system yet it won’t be the last, says Eugene.
The operating system itself is based on a microkernel architecture approach meaning, the kernel, which is the core part of the operating system responsible for communicating with the hardware, is comprised of the near-minimum amount of software needed to provide the functionality that the OS it runs needs.
Microkernels, at least in theory, are supposed to be capable of delivering very high security level, not only due to being small in size – which means smaller attack surface, but also due to the inherent design they carry by moving much of the ‘system space’ functionality – that traditionally been delegated to the kernel – to ‘user-space’.
Therefore, it’s not surprising why Kaspersky decided to embrace that approach.
The drawbacks of such secure design on the other hand, are said to be in the performance area where monolithic kernels, such as Linux for example, usually shines. As Wikipedia puts it, more software for interfacing is required by microkernels, thus there’s a potential for performance loss.
Why Not Linux?
Although Linux has been the primary go-to kernel for most modern projects (Android, Chrome OS, SteamOS, etc), as noted, Kaspersky decided to start from scratch instead of going with the flow.
The rational behind the decision, Eugene explains:
“not even the slightest smell of Linux. All the popular operating systems aren’t designed with security in mind, so it’s simpler and safer to start from the ground up and do everything correctly. Which is just what we did.”
From that point of view, the decision certainly makes sense.
It’ll be interesting to see in the future how the new operating system will affect Linux status with regards to embedded devices, especially in light of the latest events where those (embedded devices) were used to execute malware attacks.