Google AmbiML Open-Sources ‘KataOS,’ A Secure Operating System For Embedded Machine Learning Hardware

Due to recent technological breakthroughs, the number of always-on or ambient smart gadgets has proliferated in recent years. However, such technical developments also prompt worries about collecting private information for machine learning and other security and privacy risks. The collected personally identifiable data, such as pictures that can be used to recognize people’s faces and voice recordings, could be made available to malicious software if personal devices cannot be mathematically verified to keep data private. There is still a risk to privacy from a compromised or hacked device, even if organizations like Google have progressed in this direction by developing tools like federated learning to assist in safeguarding privacy in ML datasets.

Furthermore, system security is frequently considered a software feature that may be added to current systems or fixed with an additional ASIC hardware component. However, this is insufficient. The AmbiML team at Google Research set out to address this issue by developing a provably secure platform tailored for embedded devices that execute ML applications. The team specifically works on developing tools for ML in secure embedded settings. Announcing on the Google Open Source blog, the company recently open-sourced KataOS, a provably secure operating system built on the seL4 microkernel. In addition to KataOS, Google is also making available Sparrow, a reference version of the operating system designed for a secure hardware platform built on the RISC-V architecture. 

KataOS was developed to control the security and privacy of data acquired by smart devices. This operating system’s foundation is seL4, a mathematically proven secure microkernel that guarantees confidentiality. Due to Rust’s memory safety when it comes to off-by-one errors and buffer overflows, the OS is almost entirely implemented in this language. It is conceptually impossible for programs to get past the hardware security safeguards built into the kernel, and the system components are further independently verified to be secure. KataOS is developed using the CAmkES build system and can target either the RISC-V or ARM architecture.

👉 Read our latest Newsletter: Microsoft’s FLAME for spreadsheets; Dreamix creates and edit video from image and text prompts......

Google Research has collaborated with Antmicro on the Renode simulator and associated frameworks. This endeavor was a component of Google’s Springbok development, a hardware ML accelerator built on the RISC-V architecture. The Google team was able to jointly design the hardware and software for a safe embedded ML platform thanks to the Renode simulation environment. Most of the KataOS core components are included in the current GitHub release, including the Rust frameworks, a different rootserver created for dynamic system-wide memory management, and kernel modifications to seL4 that can reclaim the memory consumed by the rootserver. Working with Antmicro made it possible to use Renode’s GDB debugging and simulation tools for their target hardware.

The team is also putting effort into creating Sparrow, a reference implementation for KataOS that integrates KataOS with a secure hardware platform. Sparrow contains a logically secure root of trust created with OpenTitan on a RISC-V architecture in addition to the logically secure operating system kernel. Sparrow will be completely open-sourced by Google, including all of the software and hardware designs. However, for the time being, the business plans to make an early KataOS version available on GitHub.

The Google team is quite enthusiastic about the potential of KatosOS, although there is still much to be done on the ongoing project. They look forward to community contributions that will help them construct intelligent ambient systems with security built-in by default.


Check out the Google Article, Reference Article, and Github. All Credit For This Research Goes To Researchers on This Project. Also, don’t forget to join our Reddit page and discord channel, where we share the latest AI research news, cool AI projects, and more.

Khushboo Gupta is a consulting intern at MarktechPost. She is currently pursuing her B.Tech from the Indian Institute of Technology(IIT), Goa. She is passionate about the fields of Machine Learning, Natural Language Processing and Web Development. She enjoys learning more about the technical field by participating in several challenges.