Slashdot Mirror


Secure OS Gets Highest NSA Rating, Goes Commercial

ancientribe writes "A hardened operating system used in the B1B bomber and other military aircraft has now been released commercially, after receiving the highest security rating by a National Security Agency-run certification program. Green Hills Software's Integrity-178B operating system was certified as EAL6+, which means that it can defend against well-funded and sophisticated attackers." The company is not saying how much the OS would cost a potential customer: "The system and its associated integration and consulting services are custom solutions." Both Windows and Linux are EAL 4+ certified, which means they can defend against "inadvertent and casual" security breach attempts.

6 of 352 comments

  1. lols by negRo_slim · · Score: 4, Informative

    A hardened operating system used in the B1B bomber and other military aircraft has now been released commercially

    B1 Accidents, OS Homepage, More Wikipedia!

    --
    On the Oregon Coast born and raised, On the beach is where I spent most of my days
  2. Re:n/t by characterZer0 · · Score: 5, Informative

    EAL does not mean what you think it does.

    http://en.wikipedia.org/wiki/Evaluation_Assurance_Level

    --
    Go green: turn off your refrigerator.
  3. Article misleads about EAL6 by epdp14 · · Score: 4, Informative

    EAL6 is NOT the highest rating given by the NSA. EAL7 is. EAL7 has been awarded to one product (The Tenix Interactive Link Data Diode Device). Source: http://en.wikipedia.org/wiki/Evaluation_Assurance_Level

  4. Re:n/t by Anonymous Coward · · Score: 5, Informative

    You apparently did not read the Wikipedia article through. The reason that Windows and Linux (distributions) achieve EAL-4 rating is because "EAL4 is the highest level at which it is likely to be economically feasible to retrofit to an existing product line."

    Furthermore, "Commercial operating systems that provide conventional, user-based security features are typically evaluated at EAL4."

    Higher levels require some sort of formal methods use in the design and testing. This is very unlikely to ever happen for Linux (it is virtually impossible to create a formal design retroactively; either it does not correspond to the system or it is just as complex as the system).

    For this reason, Linux will probably never get any higher. Windows may just get higher, because it has a completely new security model and kernel, which are likely able to get EAL-6 grading in time.

  5. Re:Let the Testing begin... by Verdatum · · Score: 5, Informative

    The financial ties involved in EAL evaluation are pretty loose at best. I'm more familiar with FIPS and Orange Book evaluation, but assuming the processes are similar, evaluation is done by an independent third party organization; usually as a result of a requirement stated in a government contract. There is not much in the way of monetary incentive for the evaluation group to rate a product any higher than it deserves to be.

    That being said, I don't believe EAL6+ requires any additional vulnerability testing beyond that of EAL5+; it is mostly just a stricter evaluation/review of the soundness of the OS design.

  6. Re:Let the Testing begin... by Isao · · Score: 5, Informative

    Ok, here are some real facts about how this works.

    Under the Common Criteria (CC), people with financial ties create the product. They (or another sponsor who wants the product evaluated) pay an independent lab (CCTL) to evaluate it. Labs are certified by NIAP, a partnership of NIST and the NSA Information Assurance directorate. (The NSA has two main parts, the other is Signals Intelligence.) The independent lab evaluation is overseen by a Validation team employed by the government, who reviews the process and results of every evaluation, including all vendor evidence, before it is certified. The Validators also oversee the labs for proper execution of the CC. Once it passes all these reviews successfully it is certified.

    Certifications are tiered by Evaluation Assurance Levels (EALs), from 1 to 7. Generally, the higher the EAL, the greater confidence there is in the vendor claims. This is NOT the same as being more secure!

    The way to use these certified products is to select a product family (say firewalls), and review at a minimum two documents: The Security Target (ST) and Validation Report (VR). The ST is written by the vendor or sponsor, and basically contains the security claims they're making for the product, and how they expect the product to be used. The Validation Report describes how those claims were evaluated, and what notable things the Validation team observed during the evaluation. After reading both of these documents (usually not more than 100 pages - pretty short for 1-2 years of work) you can determine if the product can be used in its certified configuration in your environment.

    Check out some interesting operating systems, like Windows XP, Mac OS X, or one of the Linuxes.

    It's certainly not perfect, but it's better than what we had.