Trusted End Node Security (TENS) is a secure bootable ISO developed by the US Department of Defense. From the TENS Site:
Trusted End Node Security (TENS) creates a secure computing environment from trusted read-only media on almost any Intel-based computer. It boots a thin Linux operating system from a CD or USB flash stick without mounting a local hard drive. Administrator privileges are not required; nothing is installed. Because the environment runs entirely without hard drives, nothing malicious already on a local drive can infect the running session, and nothing sensitive from the secure session can be left behind on a hard drive.
TENS integrates the OpenSC middleware, and PIVKey works with Firefox on TENS out of the box.
By default, TENS supports the Certificate for Cardholder Authentication. The default PIVKey certificate is not supported.