Google Research has developed a secure open source operating system for embedded systems using machine learning with the Rust language.
For the development of KataOS, the team worked with Antmicro to use the Renode simulator and related frameworks. The operating system is based on the secure seL4 microkernel from the Linux Foundation that is mathematically proven secure, with guaranteed confidentiality, integrity, and availability.
Through the seL4 CAmkES framework, the team is also able to provide statically defined and analyzable system components.
As a result, KataOS provides a verifiably secure platform that protects the user's privacy: it is logically impossible for applications to breach the kernel's hardware security protections, and the system components themselves are verifiably secure.
Using Rust provides a strong starting point for software security as it eliminates entire classes of bugs, such as off-by-one errors and buffer overflows. This is key for AI applications that need to keep data such as images secure.
The current release on GitHub (below) includes most of the KataOS core pieces: the frameworks used for Rust, an alternate rootserver written in Rust that is needed for dynamic system-wide memory management, and the kernel modifications to seL4 that can reclaim the memory used by the rootserver.
Internally, KataOS is also able to dynamically load and run third-party applications built outside of the CAmkES framework. At the moment, the code on GitHub does not include the components required to run these applications, but we hope to publish these features in the near future.
The team is building a reference implementation for KataOS called Sparrow, which combines KataOS with a secured hardware platform. This includes a logically-secure root of trust built with OpenTitan on a RISC-V architecture. However, for our initial release, it is targeting a more standard 64-bit ARM platform running in simulation with QEMU.
GDB debugging and simulation for the target hardware are provided by Renode.
The goal is to open source all of Sparrow, including all hardware and software designs.