Google Announces New Open-source OS for RISC-V Chips
Using a new Rust-based operating system, Google aims to secure ambient machine learning on embedded hardware.
Researchers at Google recently announced a mathematically secure platform, KataOS, optimized for embedded ML applications. The Alphabet giant has shared some early details on this project (which is still under development) and is inviting others to collaborate on its open-source platform.
Google's homegrown operating system KataOS is part of a larger project, Sparrow, that leverages RISC-V and Google's hardware root-of-trust OpenTitan. The project aims to design a secure, low-power embedded platform for "ambient ML applications." KataOS runs on top of seL4, one of the world's fastest operating system kernels built for security, and is written almost entirely in the Rust programming language.
Diagram of the seL4 microkernel. Image used courtesy of the seL4 Foundation
Rust-based KataOS and Sparrow Platform
Google has open-sourced several components of KataOS on GitHub to enable collaboration. Google partnered with Antmicro on its Renode Simulator for embedded hardware design. The simulator allows rapid software/hardware design and provides a multi-core RISC-V platform.
The foundation of KataOS is the seL4 microkernel, which offers high security, integrity, and stability, according to Google. With the seL4 CAmkES framework, Google also provides statically defined and analyzable system components.
CAmkES connectors and components. Image used courtesy of the seL4 Foundation
seL4's claim to fame is its verifiably secure platform designed for security-focused embedded applications implemented entirely in Rust. This platform is said to eliminate many bugs, such as off-by-one errors and buffer overflows. Rust combines functional, object-oriented, and concurrent programming approaches and therefore allows for a high level of abstraction. Google claims its safety has also been formally proven.
What's Available on GitHub?
The GitHub release of KataOS includes:
- Frameworks used for Rust
- Alternate root server written in Rust
- Kernel modifications to seL4 that can reclaim memory used by the root server
KataOS can dynamically load and run third-party applications built outside the CAmkES framework. Researchers at Google hope to publish the components to run these applications soon.
Sparrow is a reference embedded platform to prove KataOS. In addition to the secure kernel, Sparrow consists of a secure root-of-trust built with OpenTitan on a RISC-V architecture. The root-of-trust includes keys used for cryptographic functions and enables a secure boot process. In other words, it makes the hardware immune to malware attacks.
Google says it will release all of Sparrow's hardware and software designs to continue building secure, ambient ML systems that run on embedded devices.