<?xml version="1.0" encoding="UTF-8"?><ns2:project xmlns:ns1="http://gtr.rcuk.ac.uk/gtr/api" xmlns:ns2="http://gtr.rcuk.ac.uk/gtr/api/project" xmlns:ns3="http://gtr.rcuk.ac.uk/gtr/api/fund" xmlns:ns4="http://gtr.rcuk.ac.uk/gtr/api/person" xmlns:ns5="http://gtr.rcuk.ac.uk/gtr/api/project/outcome" xmlns:ns6="http://gtr.rcuk.ac.uk/gtr/api/organisation" ns1:created="2026-06-22T07:57:45Z" ns1:href="http://gtr.ukri.org/gtr/api/projects/0DCC76C6-5AA2-47B5-A6DE-BED4D719F3B5" ns1:id="0DCC76C6-5AA2-47B5-A6DE-BED4D719F3B5"><ns1:links><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/persons/A687217A-D6A9-4763-A761-4980225E7546" ns1:rel="PM_PER"/><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/organisations/67971A9B-4429-47A7-8D6D-53D18E14E9BC" ns1:rel="LEAD_ORG"/><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/organisations/67971A9B-4429-47A7-8D6D-53D18E14E9BC" ns1:rel="PARTICIPANT_ORG"/><ns1:link ns1:end="2023-09-29T23:00:00Z" ns1:href="http://gtr.ukri.org/gtr/api/funds/43C519E0-E180-4D8C-AA53-A6F1C909E5D3" ns1:rel="FUND" ns1:start="2023-04-30T23:00:00Z"/></ns1:links><ns2:identifiers><ns2:identifier ns2:type="RCUK">10077971</ns2:identifier></ns2:identifiers><ns2:title>Capable</ns2:title><ns2:status>Closed</ns2:status><ns2:grantCategory>Collaborative R&amp;D</ns2:grantCategory><ns2:leadFunder>ISCF</ns2:leadFunder><ns2:abstractText>Linux is the predominant OS for key systems (Internet Services and critical infrastructure). Linux has also became the preferred OS for the military. Within the military, Linux might be used to hold data for different security classifications. It may also be deployed in various scenarios that demand certain levels of system lock-down and security restrictions. Achieving this is really challenging due to the variant distributions of the OS. Therefore, one way to harden Linux is to configure security at a very low-level. Linux capabilities are one main security control that governs how processes and applications interact with the Kernel. Capabilities are used across all distributions and when configured correctly, they could potentially provide an effective manner to unify security configurations for all Linux systems.

One challenge is that capabilities tend to be complicated and require significant experience to configure. Therefore, we propose Capable: that will harden Linux kernels by configuring the system capabilities to meet the security requirements. Capable will remove the complexity and enable authorised end-users to specify the level of system lockdown. Capable will be the first solution in the market to secure Linux through hardening the kernel and to meet the security requirements for various security certifications.</ns2:abstractText></ns2:project>