Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Updated Apr 2025

Security overview

FreeRTOS follows a strict coding standard, and has undergone a number of code quality checks including MISRA-Cexternal_link compliance and Coverityexternal_link static analysis to ensure code safety, portability, and reliability in embedded systems (see the list in the LTS Code Quality Checklist). Non-trivial updates to the FreeRTOS libraries must pass AWS Application Security (AppSec) and AWS Penetration Testing (pentest) reviews prior to release.

Memory Safety

FreeRTOS is designed for resource-constrained devices that do not provide all the hardware mechanisms richer operating systems utilize to protect the system from external adversaries. On such small devices, security depends on simpler memory protection and execution privilege level hardware, and on the operating system code itself. We work with the Automated Reasoning Groupexternal_link at AWS to apply mathematically driven, provable security techniques to FreeRTOS. FreeRTOS libraries have been validated for memory safety with the C Bounded Model Checker (CBMCexternal_link) automated reasoning tool to mitigate code security issues such as buffer overflow.

To learn more >> read the blogs "Ensuring the Memory Safety of FreeRTOS": (Part 1, Part 2.)

Threat Model

See the FreeRTOS Kernel Threat Model page on this website.

Security Certification

FreeRTOS provides foundational connectivity libraries such as FreeRTOS-Plus-TCP and coreMQTT that help developers confidently and securely connect IoT devices to the cloud. FreeRTOS has demonstrated safety and security through the Security Evaluation Standard for IoT Platforms (SESIP™)external_link Level 2 and PSA Level 1 certifications. SESIP™ derives its fundamental tenets from the industry established Common Criteriaexternal_link framework. PSA Certifiedexternal_link offers a framework for securing connected devices, from analysis through to security assessment and certification.

Learn more >> SESIP Level 2, PSA level 1.