Google has announced the opening of the KataOS project, which aims to create a secure operating system for embedded devices. The KataOS system components are written in Rust and run on top of the seL4 microkernel, for which a complete mathematical proof of reliability is available, demonstrating that the code fully conforms to a specification written in a formal language. The project code is released under the Apache 2.0 license.
The system supports platforms based on the RISC-V and ARM64 architectures. To simulate seL4 and the KataOS environment on top of the hardware, the Renode framework is used during development.
The reference implementation is the Sparrow hardware and software complex, which combines KataOS with secure chips based on the OpenTitan platform. The proposed solution makes it possible to combine the formally verified operating system core with trusted hardware components (RoT, Root of Trust) built on the OpenTitan platform and the RISC-V architecture. In addition to the KataOS code, it is planned to open all other Sparrow components, including the hardware part.
The platform is being developed with an eye to use in specialized chips intended for machine learning applications and for processing confidential information that requires a special level of protection and confirmation of the absence of failures. Systems that process data about people and voice recordings are given as examples of such applications. The use of formal verification in KataOS guarantees that if a failure occurs in one part of the system, it will not spread to the rest of the system and, in particular, to the kernel and other critical parts.