This is a list of operating systems specifically focused on security. Similar concepts include security-evaluated operating systems that have achieved certification from an auditing organization, and trusted operating systems that provide sufficient support for multilevel security and evidence of correctness to meet a particular set of requirements.

Linux

Android-based

  • GrapheneOS is a Security-focused, Android-based mobile OS that uses a hardened kernel, C library, custom memory allocator (hardened_malloc), and custom privacy and security focused Chromium based browser named Vanadium. it also offers privacy/security features, such as Duress PIN/Password or disabling the USB-C port at a driver/hardware level to avoid exploitation. it enables multiple exploit mitigations such as memory tagging, secure app spawning, restricted dynamic code loading, and more.

Debian-based

  • Linux Kodachi is a security-focused operating system.
  • Tails is aimed at preserving privacy and anonymity.
  • KickSecure is a security-focused Linux distribution that aims to be "hardened by default". It uses network hardening, kernel hardening, Strong Linux User Account Isolation, better randomness, root access restrictions, and app-specific hardening. Whonix is an anonymity focused operating system based on KickSecure. It consists of two virtual machines, And all communications are routed through Tor.

Other Linux distributions

  • Alpine Linux is designed to be small, simple, and secure. It uses musl, BusyBox, and OpenRC instead of the more commonly used glibc, GNU Core Utilities, and systemd.
  • Owl - Openwall GNU/Linux, a security-enhanced Linux distribution for servers.
  • Secureblue, a Fedora Silverblue based distro that uses a hardened kernel, custom memory allocator (hardened_malloc), Trivalent, a security-focused, Chromium-based browser inspired by Vanadium, and many other exploit mitigations.

BSD

Xen

See also