Google Open-Sources Secure ML Operating System KataOS –

Learn the emerging software trends you should pay attention to. Attend online QCon Plus (Nov 30 – Dec 8, 2022). Register Now
Facilitating the Spread of Knowledge and Innovation in Professional Software Development

In this article, we introduce the topic of code obfuscation, with emphasis on string obfuscation. Obfuscation is an important practice to protect source code by making it unintelligible. Obfuscation is often mistaken with encryption, but they are different concepts. In the article we will present a number of techniques and approaches used to obfuscate data in a program.
In this podcast, Jim Barton explains some of the fundamentals of modern service meshes, and provides an overview of Istio Ambient Mesh and the benefits it will provide in the future.
Data transformation remains a continuous challenge in engineering and built upon manual toil. The open source utility Dynamo Data Transform was built to simplify and build safety and guardrails into data transformation for DynamoDB based systems––built upon a robust manual framework that was then automated and open sourced. This article discusses the challenges with Data Transformation.
Learning software craftership made me reconsider how I wrote code. Being an experienced software team manager, I try to reevaluate my management practices in the same way: what could Test Driven Management or Pair-management be? Here I propose different insights on how software craftership tools and mindset are transposable to the management domain.
In a recent article, Paula Kennedy shared her thoughts on the ever-increasing cognitive load being saddled onto development teams. Although platform engineering is touted as a solution to this challenge, a poorly designed platform will increase the cognitive burden on developers utilizing it. We must also be careful that we are not just transferring that cognitive load onto the platform teams.
Make the right decisions by uncovering how senior software developers at early adopter companies are adopting emerging trends. Register Now.
Learn how to implement and manage your API projects with a security strategy and a development mindset. Register Now.
Adopt the right emerging trends to solve your complex engineering challenges. Register Now.
Your monthly guide to all the topics, technologies and techniques that every professional needs to know about. Subscribe for free.
InfoQ Homepage News Google Open-Sources Secure ML Operating System KataOS
Nov 22, 2022 2 min read
Anthony Alford
Google's AmbiML team recently open-sourced KataOS, a provably secure operating system for embedded ML hardware. KataOS is based on the seL4 microkernel and is implemented in Rust. Along with KataOS, Google is releasing Sparrow, a reference implementation of the operating system targeted for a secure hardware platform based on the RISC-V architecture.
The release was announced on the Google Open Source blog. The AmbiML team, which builds tools for ML on secure embedded environments, developed KataOS to address challenges associated with managing the privacy and security of data collected by smart devices. The foundation of this solution is seL4, a microkernel that is mathematically proven to be secure. Additional components are written in Rust, which the team chose in part because of its memory safety. KataOS is built using the CAmkES build system and can target either the RISC-V or ARM architecture. According to the AmbiML team:
Our goal is to open source all of Sparrow, including all hardware and software designs. For now, we're just getting started with an early release of KataOS on GitHub. So this is just the beginning, and we hope you will join us in building a future where intelligent ambient ML systems are always trustworthy.
Always-on or ambient smart devices have become more common in recent years, and their collection and use of personal data for machine learning has raised concerns about privacy. Although companies like Google have developed technologies such as federated learning to help preserve privacy in ML datasets, there is still a risk to privacy from a compromised or hacked device.
As a foundation for improving the security of these devices, Google recently partnered with Antmicro to develop Renode simulation support for RISC-V vector instructions. This effort was part of Google's development of Springbok, an ML hardware accelerator based on RISC-V. The Renode simulation environment allowed the Google team to co-develop the hardware and the software for a secure embedded ML platform.
The Google team continued their collaboration with Antmicro in developing KataOS. The teams added Rust support for the seL4 microkernel by developing a seL4-sys crate. They also contributed to the RISC-V target implementation of the microkernel and added sel4-specific debugging capability to Renode.
On Twitter, several users wondered if the release of KataOS signaled that Google would sunset Fuschia, an embedded OS developed by Google and used by Nest devices. Software developer Danny Thompson pointed out:
From my understanding that is still going on as well. Fuschia being an OS for Android and other systems, I think the intention for KataOS will be more for embedded devices.
The KataOS project team lead June Tate-Gans joined a Hacker News discussion to answer user questions. When one user pointed out that provably secure hardware and software are "table stakes" for more secure systems, Tate-Gans replied:
Absolutely, and this is specifically why I chose to start with seL4 and use Rust for the userland we built. seL4 has a verification framework already in place, so we can use it to ensure our system design and implementation is good. We've spent this time working with the seL4 guys to find a good middle ground in these changes, and we're going to see about verifying the design as we go, but we wanted to get these things out sooner rather than waiting because it affords more chances for feedback and collaboration. My only regret is not being able to open the entire source tree at once yet. We'll get there, but this is a good start in the meantime.
The KataOS source code is available on GitHub.

Becoming an editor for InfoQ was one of the best decisions of my career. It has challenged me and helped me grow in so many ways. We’d love to have more people join our team.

Data Reliability Delivered. Data breaks. We ensure your team is the first to know and the first to solve with end-to-end data observability.
A round-up of last week’s content on InfoQ sent out every Tuesday. Join a community of over 250,000 senior developers. View an example

We protect your privacy.
You need to Register an InfoQ account or or login to post comments. But there’s so much more behind being registered.
Get the most out of the InfoQ experience.
Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

A round-up of last week’s content on InfoQ sent out every Tuesday. Join a community of over 250,000 senior developers. View an example

We protect your privacy.
Real-world technical talks. No product pitches.
Practical ideas to inspire you and your team.
QCon Plus – Nov 30 – Dec 8, Online.

QCon Plus brings together the world’s most innovative senior software engineers across multiple domains to share their real-world implementation of emerging trends and practices.
Uncover emerging software trends and practices to solve your complex engineering challenges, without the product pitches.Save your spot now and all content copyright © 2006-2022 C4Media Inc. hosted at Contegix, the best ISP we’ve ever worked with.
Privacy Notice, Terms And Conditions, Cookie Policy


Note that any programming tips and code writing requires some knowledge of computer programming. Please, be careful if you do not know what you are doing…

Post expires at 11:28am on Thursday February 23rd, 2023

Leave a Reply

Next Post

Why Website Captchas are Vulnerable to Cyber-Attacks? - CybersecurityNews

Wed Nov 23 , 2022
CAPTCHA and reCAPTCHA are common on all websites that require user interaction and completion of online forms. Although they were a bit annoying in the beginning, as the technology driving CAPTCHAs evolved to the Google reCAPTCHA standard, they have become less.  The question on the table is, however, how safe are […]
%d bloggers like this: