Ferrite

A Modular RT Microkernel in Zig

A modular, capability-based real-time microkernel written in Zig. Ferrite keeps the trusted core small and pushes drivers, filesystems, and services out into isolated userspace programs. One kernel runs across a wide range of architectures, from the ESP32-C6 microcontroller up to RISC-V and x86-64, and is designed to pair with Midstall's River SoC and Albion secure enclave.

View on GitHub

Key Features

Capability-Based Microkernel

A minimal trusted core. Drivers, filesystems, and services run as isolated userspace programs that communicate over capability-secured IPC, so a faulting driver cannot take down the system.

Real-Time Scheduling

Priority-preemptive scheduling with earliest-deadline-first tiebreaking and priority inheritance, for predictable latency under load.

Multi-Architecture

One kernel, many targets. Ferrite runs on AArch64, RISC-V (64-bit and 32-bit), and x86-64, scaling from the ESP32-C6 microcontroller to multi-core systems.

Plan 9 Namespaces

Everything is a file. A 9P-based namespace ties together devices, services, and the network behind one uniform, composable interface.

Networking in Userspace

A full userspace network stack with DHCP, DNS, TCP, TLS, and SSH keeps the kernel out of the data path while staying reconfigurable and observable.

Built with Zig & Nix

The entire system, kernel and userspace alike, builds with a modern Zig and Nix toolchain for transparent, reproducible, hermetic builds.