Santa Barbara, CA, August 29, 2005—Green Hills Software, Inc., a technology leader in operating systems and software development tools for safe and secure systems, announced today that the U.S. Government's National Information Assurance Partnership (NIAP), a collaboration between the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA), has formally accepted the security evaluation plan for the INTEGRITY 178B operating system. As a result, INTEGRITY-178B is now listed on the official register of products in evaluation at www.niap-ccevs.org/cc-scheme/st/st_vid10119-ci.pdf. This is a significant milestone toward the most stringent certification ever undertaken by an operating system.
The security evaluation of INTEGRITY-178B began in April 2005, when Green Hills Software selected Science Applications International Corporation (SAIC), a NIAP approved Common Criteria Testing Lab (CCTL), to perform the evaluation (see related announcement at http://www.ghs.com/news/20050419_SAIC.html). Since then, in parallel with the software evaluation, Green Hills Software, SAIC and NIAP have finalized the evaluation work plan and Green Hills Software has prepared the documentation required by NIAP. NIAP management formally accepted the plan on August 12.
“To prepare for this next stage in the evaluation process, SAIC has had a chance to assess some of the certification evidence, artifacts and related processes that Green Hills Software has used as the basis for their DO-178B safety certifications,” said Julie Taylor, assistant vice president and division manager at the SAIC Common Criteria Testing Laboratory. “We’ve worked with Green Hills Software to produce the Security Target and other documents that we have presented to NIAP. Green Hills has made all of its deliveries on schedule.”
INTEGRITY-178B is undergoing the most stringent security evaluation undertaken by an operating system under the International Common Criteria for Information Technology Security Evaluation standard (ISO 15408). INTEGRITY-178B is being evaluated for conformance to the Separation Kernel Protection Profile (SKPP), the most demanding Protection Profile currently defined. The evaluation is being done at Evaluation Assurance Level 6 augmented (EAL6+). On the seven-level EAL scale, no operating system has previously been certified beyond EAL5+.
“Green Hills Software is leading the charge to more secure computing,” said Dan O’Dowd, founder and chief executive officer of Green Hills Software. “While INTEGRITY-178B is progressing toward an EAL6+ certification, no other operating system listed on the NIAP Products in Evaluation register is aiming beyond EAL4+. In addition, INTEGRITY-178B is being evaluated to the stringent Separation Kernel Protection Profile; most other operating system certifications have been to the significantly more lenient Controlled Access Protection Profile (CAPP).”
The INTEGRITY-178B operating system was designed from the ground up to meet the most demanding security and safety requirements. It employs a layered, high-assurance Multiple Independent Levels of Security (MILS) architecture with a small separation kernel at its core. INTEGRITY-178B has been designed into almost every major next-generation commercial and military aircraft, including the Boeing 787, Airbus A380, Lockheed Martin F-35 Joint Strike Fighter, F/A-22 Raptor, Eurofighter Typhoon, Airbus A400M and Boeing C-17 Globemaster.
About Green Hills Software
Founded in 1982, Green Hills Software, Inc. is the technology leader for real-time operating systems and Device Software Optimization (DSO) for 32- and 64-bit embedded systems. Our royalty-free INTEGRITY® RTOS, velOSity™ microkernel, compilers, MULTI® and AdaMULTI™ integrated development environments and TimeMachine™ debugger offer a complete development solution that addresses both deeply embedded and high-reliability applications. Green Hills Software is headquartered in Santa Barbara, CA, with European headquarters in the United Kingdom. Visit Green Hills Software on the web at www.ghs.com.