Our investment in Kry10

Folklore is thrilled to announce our investment into cyber security platform Kry10, leading a NZ$6 million Pre-Series A round alongside IQT, and NZ investors including Movac and Nuance Connected Capital, among others.

Led by Xbox Live and Microsoft veteran, CEO Boyd Multerer (pictured) and Co-Founder Jason Fox, Kry10 is developing a mission critical operating system that will allow governments to enhance cyber safety for industrial connected devices.

Kry10 is building a new operating system for mission-critical devices in verticals including automotive, industrial system integrators, communications and infrastructure. Kry10’s technology creates a paradigm shift for IoT by delivering security at the device, rather than the software application layer. 

‍Why this matters‍

The world around us is becoming increasingly connected. Ubiquitous wireless and cheaper chipsets have allowed a proliferation of connected devices, and the expansion of possibilities to enable broader industrial and personalised IoT devices. In your home right now, for example, there are likely to be a range of devices already connected to externally managed compute services: TVs, scales, watches, entertainment systems, door locks, cameras, washing machines, toasters and more.

To give you a sense of how large this market is, the global number of industrial IoT connections will hit around 37 billion in 2025, with large incumbents making up the majority of device sales, and the compounding effect of these connections is not slowing.

However, solving for the early challenge of embedding connection and software in these personal and less secure devices proved relatively easy. Early venture investment into consumer and domestic IoT saw most startups largely overrun by the technical capability of larger industry incumbents who could scale both manufacturing and distribution, and as a result poor VC returns from this wave of innovation.

Conversely, at an industrial level, device connectivity has been slower to take hold due to the critical nature of the devices, which include trucking and logistics, robotics, sensors, servers, cell towers, aircraft, power generators and wind turbines, construction equipment, factories, farming equipment and even entire cities. 

At this industrial scale where there is a greater emphasis on secure networks and hyper-secure devices, the technical requirement for highly secure two-way connectivity is not yet solved.

As much as connectivity creates efficiency and opportunity, it also creates risk and an open door to cyberattack, and the rate of cybercrime is expected to mirror the growth of connected devices. Connection, software and device vulnerabilities can all provide attackers with access to both the data generated and transmitted by users, but also data generated between users, and ultimately control over the devices themselves. 

More worryingly, when one device is compromised it is often the case that the whole device network is exposed, leaving a host of connection points for hackers to gain entry into IoT ecosystems to access customer information, infiltrate back-end systems, and establish control over the device. These attacks can result in extreme asymmetric risks from system downtime to damaged or stolen data, massive financial loss and human harm.

For instance, in 2015, two security researchers demonstrated to a reporter at WIRED how they could remotely hijack a Jeep's digital systems whilst driving. The car ended up wrecked in a ditch. And in 2020 a hacker challenge exposed a vulnerability in Mercedes E-Class vehicles that permitted an attacker to remotely unlock and start a vehicle. Both events led the automakers to recall and patch software. Worse still, in 2016 Delta Air Lines faced a five-hour outage in an operation centre that caused ~2,000 cancelled flights and a financial loss of ~$150 million. 

These points of failure still exist in newly produced systems and devices, with failures stemming from software-based security at the application, mostly Linux, and legacy platforms that were designed for chips in the 1990s. In a world of increasingly proliferate and remote critical devices, with increasingly complex interactions, it is up to the management and boards of device manufacturers to deliver security to their users, and protect against broader risk and harm. For connected devices and cross-platform applications to be easily programmable – and to have maximum security – a completely new operating system is now required.

‍The solution - enter Kry10. ‍

Kry10 is seeking to alter the paradigm by which connected devices can be operated safely over the air and in accordance with evolving legislation. Kry10’s new operating system (OS) is built with inspiration from  the open-source seL4 microkernel, which dynamically manages connected devices by isolating them from critical components and more importantly each other. This allows companies to reap the benefits of having a connected network but reducing the in-field risk profile to single isolated devices, therefore preventing the risk of a vulnerability spreading to other critical devices in the network.

The seL4 microkernel, which recently won the ACM Software Systems Award (a first for an Australian-based team) has been verified for isolation and confidentiality through the application of formal methods - complex mathematical proofs that ensure the system operates as intended. This allows the Kry10 OS to reliably manage, restart and update applications on complex connected devices over the air.

The team‍

Kry10 Co-Founder and CEO Boyd Multerer has been entrenched in this space for years and has a deep understanding of how hardware and software can work together to secure devices on a network. Boyd was responsible for creating Xbox Live and was the creator of the popular XNA video game programming language. He was also employee #1 at Xbox, and spent almost 20 years at Microsoft learning how to create operating systems for hardware which would allow others to build upon them.

The rest of the team is just as impressive and capable, and certainly one of the most experienced founding teams we’ve backed. They are thirteen (and growing) across New Zealand, Australia, the US and the UK bringing complementary skill sets and expertise across seL4––in fact, some of Kry10’s Australian engineers were directly responsible for creating seL4–– and have a proven track record in product management and technical deployment at some of the most esteemed tech companies in the world. 

‍The future‍

With this new round of funding, the team will continue to build out its engineering team and its commercial focus on a deployable MOS for industrial, connected mission-critical devices in verticals that include automotive and systems integrators. 

Folklore is excited to join Kry10’s journey and we look forward to supporting Boyd, Jason and the rest of the team as they scale their vision.