ProvenCore is a secure Operating System and Trusted Execution Environment (TEE) designed for IoT and embedded devices. It is built using deductive formal methods, making it the first OS to achieve complete formal verification, which eliminates exploitable vulnerabilities by mathematically proving the correctness of its codebase. ProvenCore functions as the nucleus of a device's Trusted Computing Base (TCB), providing strong isolation between the kernel and Trusted Applications through formally proven integrity and confidentiality properties. Its microkernel architecture minimizes code size and attack surface, reducing potential entry points for attackers. The OS supports an autonomous mode where Trusted Applications remain operational even if the Normal OS crashes, providing resilience against denial-of-service attacks. It holds a Common Criteria EAL7 certification — the highest level of security assurance in the industry — and is compliant with the GlobalPlatform TEE specification. ProvenCore supports ARM Cortex-A and RISC-V hardware architectures, making it suitable for diverse IoT deployments. It includes a Software Development Kit (SDK) with APIs and tools to facilitate secure application development, along with a Trusted Application Catalog for pre-built security applications. Its modular and scalable architecture allows additional security applications to be integrated over time. ProvenCore is targeted at businesses and organizations that require high-assurance security for embedded and IoT devices, particularly in contexts requiring formal certification and compliance with international security standards.