Camelot-OS: Because secure systems deserve a secure foundation

Camelot-OS: An Industry-Grade Open-Source Operating System for Secure IoT

Camelot-OS is an open-source operating system ecosystem designed to bring strong security guarantees, robust isolation, and industrial-grade engineering practices to modern IoT and embedded systems.

Built from the ground up with security in mind, Camelot-OS targets microcontroller-based devices that require more than traditional RTOSes can safely provide — without sacrificing openness, performance, or developer control.

Why Camelot-OS?

The IoT landscape is fragmented. Devices often run legacy or minimalist operating systems that were never designed to withstand today’s threat models: remote attackers, supply-chain compromise, long deployment lifecycles, and strict regulatory requirements.

Camelot-OS was created to address these challenges by combining:

A security-first microkernel architecture

Strong isolation between software components

Hardware-backed trust anchors

Modern, reproducible build tooling

An open and auditable codebase

The project builds on lessons shared at SSTIC 2024 in the presentation “Once upon a time in IoT: an industry-grade OS perspective for IoT security”, which highlights the need for a new class of secure, open embedded operating systems.

Core Principles

🔐 Security by Design

Camelot-OS minimizes the Trusted Computing Base (TCB) using a microkernel architecture. Critical services are isolated, reducing the impact of vulnerabilities and making formal reasoning about security possible.

🧱 Strong Isolation

Applications, drivers, and services run in separated compartments with explicit communication channels, limiting lateral movement and fault propagation.

🧩 Modular & Composable

Camelot-OS is not a monolith. It is an ecosystem of well-defined components — kernel, SDK, tooling — designed to be assembled according to your product’s needs.

🏭 Industry-Grade Engineering

The project adopts modern toolchains, reproducible builds, and traceable artifacts, enabling long-term maintenance and compliance with industrial and regulatory constraints.

🌍 Open & Auditable

All components are developed in the open under permissive licenses, allowing independent audits, community contributions, and transparent security review.

Architecture Overview

At the heart of Camelot-OS lies the Sentry Kernel, a high-security microkernel tailored for embedded platforms.

Key architectural elements include:

A minimal privileged kernel focused on scheduling, memory management, and IPC

User-space services for drivers and system components

Explicit interfaces between trusted and untrusted code

Support for hardware security features such as Secure Elements and trusted execution primitives

This design enables Camelot-OS to scale from constrained microcontrollers to more complex embedded platforms, while maintaining strong security properties.

What’s in the Camelot-OS Ecosystem?

The Camelot-OS GitHub organization hosts multiple repositories that together form the project:

Sentry Kernel – the secure microkernel foundation

SDK & Tooling – build systems, device descriptions, and developer tools

Examples & Reference Platforms – sample applications and integrations

Documentation – architectural notes, guides, and design rationale

Explore the source code on GitHub: 👉 https://github.com/camelot-os

Who Is Camelot-OS For?

Camelot-OS is designed for:

IoT product teams building long-lived, security-sensitive devices

Embedded and firmware engineers looking beyond traditional RTOS limitations

Security researchers exploring microkernel-based embedded systems

Industrial and critical infrastructure projects requiring strong isolation and auditability

Whether you are prototyping a secure device or designing a production-grade platform, Camelot-OS provides a solid, open foundation.

Project Status

Camelot-OS is actively developed and evolving. While not yet a drop-in replacement for existing RTOS solutions, the project focuses on correctness, security, and long-term viability rather than quick compromises.

Contributions, experimentation, and feedback are welcome.

Get Involved

⭐ Star the project on GitHub

🧪 Explore the code and documentation

🐛 Report issues or suggest improvements

🤝 Contribute code, documentation, or reviews

👉 GitHub: https://github.com/camelot-os

👉 Talk: SSTIC 2024 – Once upon a time in IoT