Secure ML Operating System KataOS Is Now Open Source


To develop KataOS, the Google team and Antmicro continued to collaborate.

A provably secure operating system for embedded ML hardware, KataOS, was just made available for download by the Google AmbiML team. Rust is used to create KataOS, which has a seL4 microkernel as its foundation. Google is also releasing Sparrow, a reference version of the operating system designed for a secure hardware platform built on the RISC-V architecture, along with KataOS.

On the Google Open Source blog, the release was announced. KataOS was created by the AmbiML team, which creates tools for machine learning on secure embedded environments, to address issues with managing the privacy and security of data acquired by smart devices. SeL4, a microkernel whose security has been demonstrated theoretically, is the basis of this approach. The team chose Rust, in part because of its memory safety, for additional components. KataOS can target the RISC-V or ARM architecture and is built using the CAmkES build system. The AmbiML team claims that:

“Our goal is to open source all of Sparrow, including all hardware and software designs. For now, we’re just getting started with an early release of KataOS on GitHub. So this is just the beginning, and we hope you will join us in building a future where intelligent ambient ML systems are always trustworthy.”

Always-on or ambient smart devices are more prevalent today, raising privacy concerns due to the collecting and use of private data for machine learning. Even while organisations like Google have created tools like federated learning to aid in protecting privacy in ML datasets, a compromised or hacked device still poses a risk to privacy.

Google and Antmicro collaborated recently to create Renode simulation support for RISC-V vector instructions, which will serve as a foundation for enhancing the security of these devices. This endeavour was a component of Google’s Springbok development, a hardware ML accelerator built on the RISC-V architecture. The Google team was able to jointly design the hardware and software for a safe embedded ML platform thanks to the Renode simulation environment.

The Google team and Antmicro kept working together to create KataOS. By creating a seL4-sys crate, the teams expanded Rust support for the seL4 microkernel. They also improved Renode’s sel4-specific debugging capabilities and helped the microkernel’s RISC-V target implementation.


Please enter your comment!
Please enter your name here