Google Announced KataOS, a Secure OS Written in Rust

Google announced “KataOS”. It’s an early-stage attempt to find a new secure operating system for embedded systems running on open-source RISC-V chips.

KataOS is said to be written “almost entirely in Rust”. Rust is a programming language used by the Android Open Source Project and the Linux kernel project.

Google’s open-source team says, “KataOS is implemented almost entirely in Rust, and has a strong focus on software security by eliminating entire classes of bugs like off-by-one errors (OBOE) and buffer overflows. It will be the starting point.” The team is building an intelligent ambient machine learning (AmbiML) system.

The project’s GitHub page emphasizes that KataOS and its containing project, Sparrow, are “purely a work in progress.” Sparrow is the reference implementation of KataOS.

Google says: “We, the Google Research team, are working to solve this problem by building a provably secure platform optimized for embedded devices running ML applications. This is an ongoing project. There is still a lot of work to be done, but by sharing early details and inviting people to contribute to the platform, we hope to work together to build an intelligent ambient system with security built in by default.”

The OS isn’t aimed at desktop PCs or smartphones but at the Internet of Things (IoT) and possibly the smart home.

The goal is to build systems whose safety can be verified for embedded hardware and edge devices. Such devices may include network-connected cameras used to capture images that are processed for ML on-device or in the cloud.

The AmbiML team said, “If we can’t prove mathematically that the devices around us keep data safe, the personally identifiable data they collect, such as people’s images and voices, cannot be accessed by malicious software. There is a risk that it will be lost.” Despite that, the team says, security is often the last thing added.

