security and privacy issues
Shutterstock.com

Kaspersky releases secure IoT operating system for developers

Howard Solomon

Published: February 21st, 2017

The lack of security in the number of Internet of Things (IoT) devices is increasingly worrying to CISOs trying to protect corporate networks, particularly after the distributed denial of service attacks marshalled last year by the Mirai botnet.

So developers and manufacturers of IoT devices will be interested in the release announced Monday of KasperskyOS, which the namesake company calls a secure operating system for network devices, industrial control systems, and the IoT.

“Our OS is not an out-of-the-box product; it’s a project offering,” company CEO Eugene Kaspersky said in a blog. “We’re not selling a boxed solution with a cure-all for everyone. Instead, we collaborate with vendors and developers who provide, say, networking equipment, industrial automation systems, automotive solutions, even smart fridges. We provide the code and help configure the system based on their requirements.”

Because solutions are customized he didn’t cite a price.

While he doesn’t claim the OS cannot be hacked, Kaspersky says security is enhanced because the OS does only what it’s instructed to do; it can’t do anything else. Developers can look at the source code and immediately see if anything has been added that they don’t want. The kernel does not transmit data, the company says, and the microkernel “has practically nothing in it. All drivers are kept isolated. So to pass any data, one has to write another piece of code. It will be seen quite clearly — you don’t even have to look at the source code to see it. All of this is written in security policies. And the customer will always be able to audit those policies, regardless of the code. If the policies contain no instructions to send data, the system doesn’t do it.”

The OS is made up of three components: An OS (KOS), a standalone secure hypervisor (KSH), and a dedicated system for secure interaction among OS components (KSS). Developers can licence any of them for the purpose they need. For example, the blog says, a German company licensed KSS for its own operating system. The blog says some vendors are interested only in the KSH hypervisor, which lets them securely run existing applications without modification.

“At first glance this is a positive development as it reaffirms how many vendors are working to improve IoT security,” Forrester Research security analyst Merritt Maxim said in an email. “There will likely never be one solution/product that solves IoT security but a secure OS  is another tool available for organizations and developers to help secure IoT from cyber attacks.”

The solution is one that developers should consider when designing new network devices. Unfortunately, it won’t help fix the millions of unpatched and insecure devices already on the Internet. It will be a while before they are retired. Meanwhile such devices will continue to be a menace.

Would you recommend this article?

0
0
Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada

Related Download
Cybersecurity Conversations with your Board Sponsor: CanadianCIO
Cybersecurity Conversations with your Board – A Survival Guide
A SURVIVAL GUIDE BY CLAUDIO SILVESTRI, VICE-PRESIDENT AND CIO, NAV CANADA
Download Now
Tweet This Facebook LinkedIn
, ,