Creating an A1 Security Kernel in the 1980s (Using “Stone Knives and Bear Skins”)

DEF CON 20

Presented by: Tom Perrine (tep)
Date: Saturday July 28, 2012
Time: 10:00 - 10:50
Location: Track 4 / Turbo

This is a retrospective of computer security research and the process of building a secure operating system for the US government 1983-1990. The paper presents the case study of Kernelized Secure Operating System (KSOS), an A1 security-kernel operating system. KSOS was written to protect SCI/compartmented data (sometimes referred to as “above TOP SECRET”), and entered production. KSOS-11 ran on the PDP-11, and KSOS-32 ran on the DEC VAX. KSOS-11 ran in less than 64K bytes and was a fully functional OS including a security kernel, UNIX compatibility layer and first generation TCP/IP stack.

The design for KSOS was the first operating system design that was mathematically “proven correct” using formal specifications and computer-based theorem provers.

The presentation also discusses the computing technology of the day (16-bit computers, line editors, primitive (by current standards) compilers, theorem provers) and how that affected development methods and what could be accomplished.

This presentation is a technical retrospective of computer security research during 1983-1990 placed in its social and technical context. This presentation is being written especially for DEF CON’s 20th anniversary and has never been published before. The last paper published specifically on KSOS was at the 7th NBS Computer Security Conference in 1984.

Tom Perrine

Tom “tep” Perrine started on the ARPANET in grade school, with accounts at MIT-MULTICS and other sites. After college graduation he shared an IMP on the original ARPANET with the Navy and UCSD. During the 80s he worked on secure operating systems such as KSOS for the intelligence community. In the 90s he was a security researcher and CSO at the San Diego Supercomputer Center (SDSC), where he was also involved in “the Kevin affair”. While at SDSC he also consulted for the FBI on Critical Infrastructure Protection and was invited to give Congressional testimony on the FBI’s Carnivore program. Since 2003 he has worked at a video game company, supporting game development studios and operating hosting facilities for online video games. He has since moved on to developing worldwide IT strategies for the same company. He owns a complete set of the Rainbow Books and the only copy of Takedown signed by both Tsutomu Shimomura and Kevin Mitnick.

