AtomicOS – A security-first OS with real crypto and deterministic language

4 hours ago 2

A security-first operating system built from scratch with real memory protection, cryptography, and a deterministic programming language.

Version License Platform

AtomicOS is an educational operating system that prioritizes security over performance. Unlike many hobby OS projects, it implements real security features including AES-128 encryption, SHA-256 hashing, and a complete Memory Management Unit (MMU).

Philosophy: "Seguridad primero, luego estabilidad y luego performance" (Security first, then stability, then performance)

  • ✅ Custom bootloader (Multiboot compliant)
  • ✅ Protected mode with stack protection
  • ✅ Memory Management Unit (MMU) with 2-level paging
  • ✅ Physical and virtual memory management
  • ✅ VGA text mode with color support
  • Real AES-128 encryption (not XOR!)
  • SHA-256 cryptographic hashing
  • ✅ Memory guards and bounds checking
  • ✅ W^X (Write XOR Execute) enforcement
  • ✅ Secure memory wiping on free
  • ✅ Page-level access control

Tempo Programming Language

  • ✅ Deterministic execution
  • ✅ Worst-Case Execution Time (WCET) analysis
  • ✅ Compiles to x86 assembly
  • ✅ Integrated runtime in kernel
  • i686-elf-gcc (cross-compiler for x86)
  • nasm (Netwide Assembler)
  • qemu-system-i386 (for testing)
  • make
# Build AtomicOS v0.4 with MMU make -f Makefile.v4 # Run in QEMU ./run_mmu.sh
# v0.3 - Security-first design make -f Makefile.v3 ./run_atomicos.sh # Simple visual demo make -f Makefile.demo ./ver_demo.sh
AtomicOS/ ├── kernel/ │ ├── kernel_v4_mmu.c # Latest kernel with MMU │ ├── mmu.c # Memory Management Unit │ ├── crypto_real.c # AES-128 & SHA-256 │ ├── boot.asm # Bootloader │ └── ... ├── tempo/ │ ├── tempo_compiler.c # Tempo language compiler │ ├── LANGUAGE_SPEC.md # Language specification │ └── examples/ └── docs/ ├── REALITY_CHECK.md # Honest assessment └── EVIDENCE_*.md # Test results
0x00000000 - 0x003FFFFF : Kernel Space (4MB) 0x00400000 - 0xBFFFFFFF : User Space 0xC0000000 - 0xFFFFFFFF : Kernel Mirror (Higher Half)
  • AES-128: Full implementation with S-boxes, MixColumns, and key scheduling
  • SHA-256: Complete with 64 rounds and proper constants
  • MMU: Hardware-enforced memory protection via page tables

This is an educational project. While it implements real security concepts, it is NOT production-ready:

  • No network stack
  • No file system
  • No device drivers (except basic VGA)
  • Single-threaded execution
  • Limited error handling

MIT License with attribution requirements. See LICENSE file.

Key points:

  • ✅ Open source - you can use, modify, and distribute
  • ✅ Attribution required - must credit original project
  • ✅ Name protection - forks must use different name
  • ✅ Change disclosure - modifications must be documented

Contributions welcome! Please:

  1. Fork the repository
  2. Create a feature branch
  3. Document your changes
  4. Submit a pull request

Original Author: Ignacio Peña Created: 2024

AtomicOS Boot Demo on YouTube - Boot demonstration and features

"No exploits, no crashes, no lies." - AtomicOS motto

Read Entire Article
  1. Homepage
  2. Technology
  3. AtomicOS – A security-first OS with real crypto and deterministic language

Related

Rare Earths and China

Rare Earths and China

18 minutes ago 1
PG&E power shutoffs start for parts of Northern California, outages expected

PG&E power shutoffs start for parts of Northern California, ...

34 minutes ago 1
New SOTA Web Agent beats even Operator with human intervention

New SOTA Web Agent beats even Operator with human interventi...

38 minutes ago 2
Hostinger Web Hosting