List of security-focused operating systems

This is a list of operating systems specifically focused on security. Similar concepts include security-evaluated operating systems that have achieved certification from an auditing organization, and trusted operating systems that provide sufficient support for multilevel security and evidence of correctness to meet a particular set of requirements.

== Linux ==

=== Android-based ===

GrapheneOS is a security-focused, Android-based mobile OS that uses a hardened kernel, C library, custom memory allocator (hardened_malloc), and a hardened Chromium-based browser named Vanadium. It also offers privacy and security features, such as a Duress PIN/Password or disabling the USB-C port at a driver/hardware level to avoid exploitation. It deploys exploit mitigations such as hardware-based memory tagging, secure app spawning, restricted dynamic code loading, and more.

=== Debian-based ===

Linux Kodachi is a security-focused operating system.
Tails is aimed at preserving privacy and anonymity.
KickSecure is a security-focused Linux distribution that aims to be "hardened by default". It uses network hardening, kernel hardening, Strong Linux User Account Isolation, better randomness, root access restrictions, and app-specific hardening.
Whonix is an anonymity-focused operating system based on KickSecure. It consists of two virtual machines, and all communications are routed through Tor.

=== Other Linux distributions ===

Alpine Linux is designed to be small, simple, and secure. It uses musl, BusyBox, and OpenRC instead of the more commonly used glibc, GNU Core Utilities, and systemd.
Owl (Openwall GNU/Linux) is a security-enhanced Linux distribution for servers.
Secureblue is a Fedora Silverblue-based distro that uses a hardened kernel, a custom memory allocator (hardened_malloc), Trivalent (a security-focused, Chromium-based browser inspired by Vanadium), and many other exploit mitigations.

== BSD ==

OpenBSD is a Unix-like operating system that emphasizes portability, standardization, correctness, proactive security, and integrated cryptography.

== Xen ==

Qubes OS aims to provide security through isolation. Isolation is provided through the use of virtualization technology. This allows the segmentation of applications into secure virtual machines.

Mixed raster content

Mixed raster content (MRC) is a method for compressing images that contain both binary-compressible text and continuous-tone components, using image segmentation methods to improve the level of compression and the quality of the rendered image. By separating the image into components with different compressibility characteristics, the most efficient and accurate compression algorithm for each component can be applied. MRC-compressed images are typically packaged into a hybrid file format such as DjVu and sometimes PDF. This allows for multiple images, and the instructions to properly render and reassemble them, to be stored within a single file. Some image scanners optionally support MRC when scanning to PDF. A typical manual states that without MRC, the image is generated in a single process, with text and graphics not distinguished. With MRC, separate processes are used for text, graphics, and other elements, producing clearer graphics and sharper text, at the price of slightly slower processing. MRC is recommended to optimise the scanning of documents with harder-to-read text or lower-quality graphics. MRC can also reduce the size of the scanned file, though higher compression using JBIG2 can sometimes lead to character substitution errors in scanned documents.

== File format ==

A form of MRC is defined by international standard bodies as ISO/IEC 16485, or ITU recommendation T.44 (accessible free of charge). It defines a file format with bilevel masks and two data layers in each "stripe" of the image. The mask can be encoded in ITU T.4, JBIG1, or JBIG2, while the images can be JPEG, JBIG1, or run-length encoded color. The format is loosely based on JPEG, with an APP13 segment registered for this purpose. It is not known whether this file format is actually used, as formats like DjVu and PDF have their own ways of defining layers and masks.

Metaclass (knowledge representation)

In knowledge representation, particularly in the Semantic Web, a metaclass is a class whose instances can themselves be classes. Similar to their role in programming languages, metaclasses in ontology languages can have properties otherwise applicable only to individuals, while retaining the same class's ability to be classified in a concept hierarchy. This enables knowledge about instances of those metaclasses to be inferred by semantic reasoners using statements made in the metaclass. Metaclasses thus enhance the expressivity of knowledge representations in a way that can be intuitive for users. While classes are suitable to represent a population of individuals, metaclasses can, as one of their features, be used to represent the conceptual dimension of an ontology. Metaclasses are supported in the Web Ontology Language (OWL) and the data-modeling vocabulary RDFS. Metaclasses are often modeled by setting them as the object of claims involving rdf:type and rdfs:subClassOf—built-in properties commonly referred to as instance of and subclass of. Instance of entails that the subject of the claim is an instance, i.e. an individual that is a member of a class. Subclass of entails that the subject is a class. In the context of instance of and subclass of, the key difference between metaclasses and ordinary classes is that metaclasses are the object of instance of claims used on a class, while ordinary classes are not objects of such claims (e.g. in a claim Bob instance of Human, Bob is the subject and an instance, while the object, Human, is an ordinary class; but a further claim that Human instance of Animal species makes "Animal species" a metaclass because it has a member, "Human", that is also a class). OWL 2 DL supports metaclasses by a feature called punning, in which one entity is interpreted as two different types of thing—a class and an individual—depending on its syntactic context. 
For example, through punning, an ontology could have a concept hierarchy such as Harry the eagle instance of golden eagle, golden eagle subclass of bird, and golden eagle instance of species. In this case, the punned entity would be golden eagle, because it is represented as a class (second claim) and an instance (third claim); whereas the metaclass would be species, as it has an instance that is a class. Punning also enables other properties that would otherwise be applicable only to ordinary instances to be used directly on classes, for example "golden eagle conservation status least concern." Having arisen from the fields of knowledge representation, description logic and formal ontology, Semantic Web languages have a closer relationship to philosophical ontology than do conventional programming languages such as Java or Python. Accordingly, the nature of metaclasses is informed by philosophical notions such as abstract objects, the abstract and concrete, and type-token distinction. Metaclasses permit concepts to be construed as tokens of other concepts while retaining their ontological status as types. This enables types to be enumerated over, while preserving the ability to inherit from types. For example, metaclasses could allow a machine reasoner to infer from a human-friendly ontology how many elements are in the periodic table, or, given that number of protons is a property of chemical element and isotopes are a subclass of elements, how many protons exist in the isotope hydrogen-2. Metaclasses are sometimes organized by levels, in a similar way to the simple theory of types, where classes that are not metaclasses are assigned the first level, classes of classes in the first level are in the second level, classes of classes in the second level are in the next, and so on.

== Examples ==

Following the type-token distinction, real world objects such as Abraham Lincoln or the planet Mars are regrouped into classes of similar objects. 
Abraham Lincoln is said to be an instance of human, and Mars is an instance of planet. This is a kind of is-a relationship. Metaclasses are classes of classes, such as the nuclide concept. In chemistry, atoms are often classified as elements and, more specifically, isotopes. The glass of water one last drank has many hydrogen atoms, each of which is an instance of hydrogen. Hydrogen itself, a class of atoms, is an instance of nuclide. Nuclide is a class of classes, hence a metaclass.

== Implementations ==

=== RDF and RDFS ===

In RDF, the rdf:type property is used to state that a resource is an instance of a class. This enables metaclasses to be easily created by using rdf:type in a chain-like fashion. For example, in the two triples the resource species is a metaclass, because golden eagle is used as a class in the first statement and the class golden eagle is said to be an instance of the class species in the second statement. This approach allows :species to have non-class instances. RDF also provides rdf:Property as a way to create properties beyond those defined in the built-in vocabulary. Properties can be used directly on metaclasses, for example "species quantity 8.7 million", where quantity is a property defined via rdf:Property and species is a metaclass per the preceding example. RDFS, an extension of RDF, introduced rdfs:Class and rdfs:subClassOf and enriched how vocabularies can classify concepts. Whereas rdf:type enables vocabularies to represent instantiation, the property rdfs:subClassOf enables vocabularies to represent subsumption. RDFS thus makes it possible for vocabularies to represent taxonomies, also known as subsumption hierarchies or concept hierarchies, which is an important addition to the type–token distinction made possible by RDF. Notably, the resource rdfs:Class is an instance of itself, demonstrating both the use of metaclasses in the language's internal implementation and a reflexive usage of rdf:type. 
RDFS is its own metamodel. This allows a second way to express that a resource is a metaclass. A triple to instantiate rdfs:Class, for example :golden_eagle rdf:type rdfs:Class, will declare :golden_eagle as a class. It's also possible to subclass the rdfs:Class resource to declare a meta-class resource, for example :species rdfs:subClassOf. By deduction, any instance of :species is then a class, so it is a class with class-instances, a meta-class. This second way does not allow non-class instances of species and explicitly declares :species as a meta-class.

=== OWL ===

In some OWL flavors like OWL1-DL, entities can be either classes or instances, but cannot be both. This limitation forbids metaclasses and metamodeling. This is not the case in the OWL1 full flavor, but this allows the model to be computationally undecidable. In OWL2, metaclasses can be implemented with punning, that is, a way to treat classes as if they were individuals. Other approaches have also been proposed and used to check the properties of ontologies at a meta level.

==== Punning ====

OWL 2 supports metaclasses through a feature called punning. In metaclasses implemented by punning, the same subject is interpreted as two fundamentally different types of thing—a class and an individual—depending on its syntactic context. This is similar to a pun in natural language, where different senses of the same word are emphasized to illustrate a point. Unlike in natural language, where puns are typically used for comedic or rhetorical effect, the main goal of punning in Semantic Web technologies is to make concepts easier to represent, closer to how they are discussed in everyday speech or academic literature. Although OWL 2 permits the same symbol to assume different roles, its standard semantics (known as Direct Semantics) still interprets the symbol differently depending on whether it is used as an individual, a class, or a property. 

=== Protégé ===

In the ontology editor Protégé, metaclasses are templates for other classes that are their instances.

== Classification ==

Some ontologies, like the Cyc AI project's, classify classes and metaclasses. Classes are divided into fixed-order classes and variable-order classes. In the case of fixed-order classes, an order is attributed for metaclasses by measuring the distance to individuals with respect to the number of "instance of" triples that are necessary to find an individual. Classes that are not metaclasses are classes of individuals, so their order is "1" (first-order classes). Metaclasses that are classes of first-order classes have order "2" (second-order classes), and so on. Variable-order metaclasses, on the other hand, can have instances; one example of variable-order metaclass is the class of all fixed-order classes.

Transparency in Frontier Artificial Intelligence Act

The Transparency in Frontier Artificial Intelligence Act, also referred to as SB-53, is a 2025 California law which mandates increased transparency for companies building artificial intelligence. SB-53 is primarily focused on assessing and reducing potential catastrophic risks from AI, and is the first bill addressing such risks to be passed into law in America. The bill requires companies to create publicly accessible documents assessing potential "catastrophic risk[s]" from their AI models, as well as publishing documentation on how the model incorporates national and international safety standards. SB-53 also sets up whistleblower protections and procedures for alerting the government to a "critical safety incident".

== History ==

SB-53 was preceded in 2024 by the unsuccessful Safe and Secure Innovation for Frontier Artificial Intelligence Models Act ("SB-1047"), a proposed bill authored by Senator Scott Wiener which was vetoed by Governor Gavin Newsom. Afterwards, Newsom created a "Joint California AI Policy Working Group" to provide recommendations for AI regulation, which guided the drafting of SB-53. Senator Scott Wiener introduced the bill on January 7, 2025, and after a series of amendments, SB-53 passed the Senate 29-8 on September 13. Governor Gavin Newsom approved the bill on September 25, passing it into law.

== Provisions ==

SB-53 applies primarily to companies making at least $500 million in yearly gross revenue. It defines a “frontier model” as any AI trained with over 10^26 FLOPS (including fine-tuning), including unreleased internal models. Both the financial and computational thresholds must be met before most of the law is applied, although the threshold can be lowered or otherwise updated by the California Department of Technology in an annual review starting in 2027. 
Most of the bill's provisions are focused on "catastrophic risks" from AI, which are defined as incidents in which a model contributes to more than 50 deaths or serious injuries, or causes more than one billion dollars ($1,000,000,000) in economic damage from AI-assisted acts (such as cyberattacks or the creation of biological weapons). The bill requires companies to provide publicly accessible safety frameworks for frontier AI models, describing how the company tests for catastrophic risk from its AI, and how it implements protections against such risks. This includes addressing the possibility that the AI may attempt to circumvent internal guardrails or oversight mechanisms. (Certain safety incidents, such as dangerously deceptive model behavior, physical injury, or death, must be reported to the California Office of Emergency Services (OES) within 15 days, unless the incident poses imminent physical risk, in which case it must be reported immediately.) The company must follow its published framework, and if any changes are made, the framework should be updated within 30 days, and justification for said changes must also be made public. Additionally, all frontier companies are required to publish basic information about newly released frontier models (such as terms of service, supported languages, and intended use), although only large companies (making over $500 million annually) need to publish full safety frameworks. SB-53 also establishes various whistleblower protections for covered employees. Large companies must have anonymous whistleblowing channels in place which protect employees from retaliation for reporting risks to state or federal authorities if they have reasonable cause to believe that their employer is substantially risking public health and safety.

Suggested Upper Merged Ontology

The Suggested Upper Merged Ontology (SUMO) is an upper ontology intended as a foundation ontology for a variety of computer information processing systems. SUMO defines a hierarchy of classes and related rules and relationships. These are expressed in a version of the language SUO-KIF, a higher-order logic that has a LISP-like syntax, as well as the TPTP family of languages. A mapping from WordNet synsets to SUMO has been defined. Initially, SUMO was focused on meta-level concepts (general entities that do not belong to a specific problem domain), and thereby would lead naturally to a categorization scheme for encyclopedias. It has now been considerably expanded to include a mid-level ontology and dozens of domain ontologies. SUMO is organized for interoperability of automated reasoning engines. To maximize compatibility, schema designers can try to assure that their naming conventions use the same meanings as SUMO for identical words (for example, "agent" or "process"). SUMO has an associated open source Sigma knowledge engineering environment. Initially, SUMO was developed by the Teknowledge Corporation and is now maintained by Articulate Software. SUMO is open source. The first release was in December 2000.

Latent semantic mapping

Latent semantic mapping (LSM) is a data-driven framework to model globally meaningful relationships implicit in large volumes of (often textual) data. It is a generalization of latent semantic analysis. In information retrieval, LSA enables retrieval on the basis of conceptual content, instead of merely matching words between queries and documents. LSM was derived from earlier work on latent semantic analysis. There are 3 main characteristics of latent semantic analysis: discrete entities, usually in the form of words and documents, are mapped onto continuous vectors; the mapping involves a form of global correlation pattern; and dimensionality reduction is an important aspect of the analysis process. These constitute generic properties, and have been identified as potentially useful in a variety of different contexts. This usefulness has encouraged great interest in LSM. The intended product of latent semantic mapping is a data-driven framework for modeling relationships in large volumes of data. Mac OS X v10.5 and later includes a framework implementing latent semantic mapping.

AlphaGeometry

AlphaGeometry is an artificial intelligence (AI) program that can solve hard problems in Euclidean geometry. The system comprises a data-driven large language model (LLM) and a rule-based symbolic engine (Deductive Database Arithmetic Reasoning). It was developed by DeepMind, a subsidiary of Google. The program solved 25 geometry problems out of 30 from the International Mathematical Olympiad (IMO) under competition time limits—a performance almost as good as the average human gold medallist. For comparison, the previous AI program, called Wu's method, managed to solve only 10 problems. DeepMind published a paper about AlphaGeometry in the peer-reviewed journal Nature on 17 January 2024. AlphaGeometry was featured in MIT Technology Review on the same day. Traditional geometry programs are symbolic engines that rely exclusively on human-coded rules to generate rigorous proofs, which makes them lack flexibility in unusual situations. AlphaGeometry combines such a symbolic engine with a specialized large language model trained on synthetic data of geometrical proofs. When the symbolic engine doesn't manage to find a formal and rigorous proof on its own, it solicits the large language model, which suggests a geometrical construct to move forward. However, it is unclear how applicable this method is to other domains of mathematics or reasoning, because symbolic engines rely on domain-specific rules and because of the need for synthetic data.

== AlphaGeometry 2 ==

AlphaGeometry 2 is an improved version of AlphaGeometry, published on February 5, 2025. They added more features to the representation language to describe more geometry problems that involve movements of objects, and problems containing linear equations of angles, ratios, and distances. They targeted IMO geometry questions from 2000 to 2024. The expanded representation language allowed them to cover 88% of the questions. 
It uses Gemini finetuned on a synthetically generated dataset of problems and solutions in the representation language. The model is used for making auxiliary constructions like lines and points, to help the tree search. It is also used for autoformalization, i.e. converting a problem in English to a problem in the representation language.