Google Announces KataOS: A Rust‑Based Secure OS Built on the seL4 Microkernel

Google announced the launch of the secure operating system KataOS, their latest OS focused on embedded devices for machine learning workloads. Prioritizing security, KataOS is developed entirely in Rust and built on the seL4 microkernel.

Through the seL4 CAmkES framework, we can provide statically defined and analyzable system components. KataOS offers a verifiable secure platform to protect user privacy, as applications cannot logically violate the kernel's hardware security protections, and system components are verifiably safe. KataOS is also almost entirely implemented in Rust, giving a strong foundation for software security by eliminating entire classes of errors such as off‑by‑one bugs and buffer overflows.

Currently, Google has open‑sourced most of the KataOS core on GitHub, including the Rust framework (e.g., the sel4-sys crate providing seL4 system‑call APIs), a Rust‑written backup rootserver for dynamic system‑wide memory management, and kernel modifications to reclaim memory used by the rootserver.

Google says internally KataOS can dynamically load and run third‑party applications built outside the CAmkES framework, though the components required to run these apps are not yet open‑sourced; they may be released in the near future.

To fully demonstrate a secure environment, Google built a reference implementation called Sparrow, which combines KataOS with a secure hardware platform. Sparrow includes a logical secure root of trust built on OpenTitan on RISC‑V, and the initial version targets running on a standard 64‑bit ARM platform via QEMU simulation.

Google aims to open‑source all of Sparrow, including hardware and software designs; the currently released early version of KataOS is just the beginning.

Related links: Google Blog Announcement and Sparrow Manifest on GitHub