This is a list of operating systems specifically focused on security. Similar concepts include security-evaluated operating systems that have achieved certification from an auditing organization, and trusted operating systems that provide sufficient support for multilevel security and evidence of correctness to meet a particular set of requirements.

Linux

Android-based

  • GrapheneOS is a security-focused, Android-based mobile OS that uses a hardened kernel, C library, custom memory allocator (<code>hardened_malloc</code>), and a hardened Chromium-based browser named Vanadium. It also offers privacy/security features, such as Duress PIN/Password or disabling the USB-C port at a driver/hardware level to avoid exploitation. It deploys exploit mitigations such as hardware-based memory tagging, secure app spawning, restricted dynamic code loading, and more.

Debian-based

  • Linux Kodachi is a security-focused operating system.
  • Tails is aimed at preserving privacy and anonymity.
  • KickSecure is a security-focused Linux distribution that aims to be "hardened by default". It uses network hardening, kernel hardening, Strong Linux User Account Isolation, better randomness, root access restrictions, and app-specific hardening.
  • Whonix is an anonymity focused operating system based on KickSecure. It consists of two virtual machines, And all communications are routed through Tor.

Other Linux distributions

  • Alpine Linux is designed to be small, simple, and secure. It uses musl, BusyBox, and OpenRC instead of the more commonly used glibc, GNU Core Utilities, and systemd.
  • Owl - Openwall GNU/Linux, a security-enhanced Linux distribution for servers.
  • , a Fedora Silverblue based distro that uses a hardened kernel, custom memory allocator (<code>hardened_malloc</code>), Trivalent, a security-focused, Chromium-based browser inspired by Vanadium, and many other exploit mitigations.

BSD

  • OpenBSD is a Unix-like operating system that emphasizes portability, standardization, correctness, proactive security, and integrated cryptography.

Xen

  • Qubes OS aims to provide security through isolation. Isolation is provided through the use of virtualization technology. This allows the segmentation of applications into secure virtual machines.

See also

  • Computer security
  • Comparison of operating systems
  • Comparison of mobile operating systems
  • Security engineering

References