Virtualization Technology News and Information
Article
RSS
What it takes to make an OS: 1.3 million lines of code, 18,000 commits and 4,000 fixed bugs

Looking back at the company's own experience with KasperskyOS, Kaspersky has analyzed what is needed to develop the core components of an operating system from scratch. Over the last decade, product developers wrote 1.3 million lines of code for the kernel, drivers and basic services, and Kaspersky Security System, all key ingredients of KasperskyOS. The team fixed 3,950 bugs and even rewrote the whole system from one programming language to another.  

On November 11, 2002, Kaspersky began working on the concept of cybersecurity-by-design, a technology or a solution that would allow making security an essential property of an IT system. It was a time when Kaspersky experts understood that to protect business from ever emerging new cyber threats it is necessary to develop a fundamentally new approach to cybersecurity different from currently existing model of "virus appeared - develop antivirus." In 2012, the active development of KasperskyOS began, and today, KasperskyOS is recognized as the key to enable this secure-by-design, or Cyber Immune approach. 

The kernel of KasperskyOS only consists of 100,000 lines of code which makes it a microkernel. For comparison, Linux's kernel involves 27.8 million lines of code. However, for its development along with drivers and basic services, 1.3 million code lines were written and 18,000 commits were made to submit changes in the source code. Almost 13,500 lines more were written on assemblers for different architectures.

Kaspersky Security System is an important part of KasperskyOS that ensures that only authorized communications happen among the system components. To create it and its relevant libraries, Kaspersky developers wrote down 126,000 lines of text including approximately 100,000 lines of Haskell code. These changes composed together other 2,067 commits.

The development of KasperskyOS involves several more parts. It is the result of long discussions and many iterations, changes of concept and positioning. Once the team even rewrote the whole project from C++ to C to simplify verification and use more compilers and tools available for C. As a result, developers managed to implement the concept of a secure operating system that has a minimal number of trusted components, security domain isolation (MILS architecture approach) and inspection of inter-process communications.

Today, the Kaspersky Cyber Immunity® trademark is registered in three regions the United States, the United Kingdom and Russia.

KasperskyOS provides necessary interfaces and tools for Cyber Immune solutions development, including the isolation of security domains and control of the interaction between them. KasperskyOS-based products can cost less in terms of security than similar products based on other special-purpose operating systems of earlier generations.

Such Cyber Immune solutions are in demand in the industrial and energy sector as well as in financial and educational institutions, transport infrastructure and smart cities. Product development based on KasperskyOS is moving from protecting industrial environments and the Internet of Things towards protecting professional mobile devices and connected cars.

"We have been travelling through an exciting journey with KasperskyOS," said Andrey Suvorov, head of KasperskyOS business unit at Kaspersky. "This is not just another operating system, but a protected OS where security is its essential, innate feature. While the development took a huge amount of research and programming, we achieved our goal and made the system compact and efficient to meet its primary goal of enabling Cyber Immune IT systems through its current solutions. Kaspersky continues enhancing the operating system to make it applicable to diverse use cases of Industrial IoT, Smart City, remote workplaces."

The value of the IT solutions' "innate" security is beginning to be realized by industry and government regulators. We see that the regulation in the automotive industry is already changing with global automakers are required to ensure data transmission security, large software developers such as AWS are applying the secure-by-design approach to their services, and the cybersecurity agency of Singapore issued the Security by Design Framework document. The secure-by-design approach is fundamental in the concept of Cyber Immunity and the Cyber Immune development of Kaspersky.

To learn more about KasperskyOS and related solutions please visit: https://os.kaspersky.com/.

Published Friday, November 11, 2022 9:27 AM by David Marshall
Filed under:
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<November 2022>
SuMoTuWeThFrSa
303112345
6789101112
13141516171819
20212223242526
27282930123
45678910