About KasperskyOS Community Edition

KasperskyOS Community Edition (CE) is a publicly available version of KasperskyOS that is designed to help you master the main principles of application development under KasperskyOS. KasperskyOS Community Edition will let you see how the concepts rooted in KasperskyOS actually work in practical applications. KasperskyOS Community Edition includes sample applications with source code, detailed explanations, and instructions and tools for building applications.

KasperskyOS Community Edition will help you:

• Learn the principles and techniques of "secure by design" development based on practical examples.
• Explore KasperskyOS as a potential platform for implementing your own projects.
• Make prototypes of solutions (primarily Embedded/IoT) based on KasperskyOS.
• Port applications/components to KasperskyOS.
• Explore security issues in software development.

KasperskyOS Community Edition lets you develop applications in the C and C++ languages. For more details about setting up the development environment, see "Configuring the development environment".

You can download KasperskyOS Community Edition here.

In addition to this documentation, we also recommend that you explore the materials provided in the specific KasperskyOS website section for developers.

About this Guide

The KasperskyOS Community Edition Developer's Guide is intended for specialists involved in the development of secure solutions based on KasperskyOS.

The Guide is designed for specialists who know the C/C++ programming languages, have experience developing for POSIX-compatible systems, and are familiar with GNU Binary Utilities (binutils).

You can use the information in this Guide to:

• Install and remove KasperskyOS Community Edition.
• Use KasperskyOS Community Edition.

Distribution kit

The KasperskyOS SDK is a set of software tools for creating KasperskyOS-based solutions.

The distribution kit of KasperskyOS Community Edition includes the following:

• DEB package for installation of KasperskyOS Community Edition, including:
  • Image of the KasperskyOS kernel
  • Development tools (GCC compiler, LD linker, GDB debugger, binutils toolset, QEMU emulator, and accompanying tools)
  • Utilities and scripts (for example, source code generators, makekss script for creating the Kaspersky Security Module, and makeimg script for creating the solution image)
  • A set of libraries that provide partial compatibility with the POSIX standard
  • Drivers
  • System programs (for example, virtual file system)
  • Usage examples for components of KasperskyOS Community Edition
  • End User License Agreement
  • Information about third-party code (Legal Notices)
• KasperskyOS Community Edition Developer's Guide (Online Help)
• Release Notes

The KasperskyOS SDK is installed to a computer running the Debian GNU/Linux operating system.

The following components included in the KasperskyOS Community Edition distribution kit are the Runtime Components as defined by the terms of the License Agreement:

• Image of the KasperskyOS kernel.

All the other components of the distribution kit are not the Runtime Components. Terms and conditions of the use of each component can be additionally defined in the section "Information about third-party code".

System requirements

To install KasperskyOS Community Edition and run examples on QEMU, the following is required:

1. Operating system: Debian GNU/Linux 10 "Buster". A Docker container can be used.
2. Processor: x86-64 architecture (support for hardware virtualization is required for higher performance).
3. RAM: it is recommended to have at least 4 GB of RAM for convenient use of the build tools.
4. Disk space: at least 3 GB of free space in the /opt folder (depending on the solution being developed).

To run examples on the Raspberry Pi hardware platform, the following is required:

• Raspberry Pi 4 Model B (Revision 1.1, 1.2, 1.4, 1.5) with 2, 4, or 8 GB of RAM
• microSD card with at least 2 GB
• USB-UART converter

Included third-party libraries and applications

To simplify the application development process, KasperskyOS Community Edition also includes the following third-party libraries and applications:

• Automated Testing Framework (ATF) (v.0.20) – set of libraries for writing tests for programs in C, C++ and POSIX shell.

  Documentation: https://github.com/jmmv/atf

• Boost (v.1.78.0) is a set of class libraries that utilize C++ language functionality and provide a convenient cross-platform, high-level interface for concise coding of various everyday programming subtasks (such as working with data, algorithms, files, threads, and more).

  Documentation: https://www.boost.org/doc/

• Arm Mbed TLS (v.2.28.0) implements the TLS and SSL protocols as well as the corresponding encryption algorithms and necessary support code.

  Documentation: https://github.com/Mbed-TLS/mbedtls

• Civetweb (v.1.11) is an easy-to-use, powerful, embeddable web server based on C/C++ with additional support for CGI, SSL and Lua.

  Documentation: http://civetweb.github.io/civetweb/UserManual.html

• FFmpeg (v.5.1) – set of libraries with open source code that let you write, convert, and transmit digital audio- and video recordings in various formats.

  Documentation: https://ffmpeg.org/ffmpeg.html

• fmt (v.8.1.1) – open-source formatting library.

  Documentation: https://fmt.dev/latest/index.html

• GoogleTest (v.1.10.0) – C++ code testing library.

  Documentation: https://google.github.io/googletest/

• iperf (v.3.10.1) – network performance testing library.

  Documentation: https://software.es.net/iperf/

• libffi (v.3.2.1) – library providing a C interface for calling previously compiled code.

  Documentation: https://github.com/libffi/libffi

• libjpeg-turbo (v.2.0.91) – library for working with JPEG images.

  Documentation: https://libjpeg-turbo.org/

• jsoncpp (v.1.9.4) – library for working with JSON format.

  Documentation: https://github.com/open-source-parsers/jsoncpp

• libpng (v.1.6.38) – library for working with PNG images.

  Documentation: http://www.libpng.org/pub/png/libpng.html

• libxml2 (v.2.9.14) – library for working with XML.

  Documentation: http://xmlsoft.org/

• Eclipse Mosquitto (v2.0.14) – message broker that implements the MQTT protocol.

  Documentation: https://mosquitto.org/documentation/

• nlohmann_json (v.3.9.1) – library for working with JSON format.

  Documentation: https://github.com/nlohmann/json

• jsoncpp (v.4.2.8P15) – library for working with the NTP time protocol.

  Documentation: http://www.ntp.org/documentation.html

• opencv (v.4.6.0) – open-source computer vision library.

  Documentation: https://docs.opencv.org/

• OpenSSL (v.1.1.1q) – full-fledged open-source encryption library.

  Documentation: https://www.openssl.org/docs/

• pcre (v.8.44) – library for working with regular expressions.

  Documentation: https://www.pcre.org/current/doc/html/

• protobuf (v.3.19.4) – data serialization library.

  Documentation: https://developers.google.com/protocol-buffers/docs/overview

• spdlog (v.1.9.2) – logging library.

  Documentation: https://github.com/gabime/spdlog

• sqlite (v.3.39.2) – library for working with databases.

  Documentation: https://www.sqlite.org/docs.html

• Zlib (v.1.2.12) – data compression library.

  Documentation: https://zlib.net/manual.html

• usb (v.13.0.0) – library for working with USB devices.

  Documentation: https://github.com/freebsd/freebsd-src/tree/release/13.0.0/sys/dev/usb

• libevdev (v.1.6.0) – library for working with evdev peripheral devices.

  Documentation: https://www.freedesktop.org/software/libevdev/doc/latest/

• Lwext4 (v.1.0.0) – library for working with the ext2/3/4 file systems.

  Documentation: https://github.com/gkostka/lwext4.git

See also Information about third-party code.

Limitations and known issues

Because the KasperskyOS Community Edition is intended for educational purposes only, it includes several limitations:

1. Dynamically loaded libraries are not supported.
2. The maximum supported number of running programs is 32.
3. When a program is terminated through any method (for example, "return" from the main thread), the resources allocated by the program are not released, and the program goes to sleep. Programs cannot be started repeatedly.
4. You cannot start two or more programs that have the same EDL description.
5. The system stops if no running programs remain, or if one of the driver program threads has been terminated, whether normally or abnormally.