The US Common Criteria Evaluation and Validation Scheme, the body that grants Evaluation Assurance Level (EAL) ratings in the US has granted an EAL5 Augmented to BAE System’s XTS-400 and the STOP Unix operating system. This is the first OS to be granted a EAL5 or better and is the first public EAL5 granted in the US. Read more for details.
The “Augmented” means that there were elements of the evaluation that exceeded the requirements for EAL5, specifically in the areas of flaw remediation and vulnerability testing.
Further information about the XTS-400 can be found at BAE’s
XTS-400 web site. Information about the evaluation can be found at NIAP’s
Evaluated Products List.
STOP is a proprietary OS that emulates Linux as its API and ABI are the same. Thus many GNU/Linux applications can be copied and executed on the XTS receiving their security protection from the XTS without the need for recompilation or recoding. The XTS-400 and its predecessors have a 20 year history of being used (in the 3 letter agencies of the US government and by friendly foreign governments) as guards that allow security rules to be imposed on information flowing from one security domain to another. And as application hosts where connecting to networks of different classifications or sensitivities is required.
…. or multiple BSDs.
BSD are completely useless for any kind of Goverment certifications. Linux fares better in that aspect
Or it could be based on actual Unix (TM) code, there are still several different versions out there that ye rarely hear of, for example the version NEC have that they run on their vector computers.
Now using Unix in their press release is dodgy unless they go and get it certified by the opengroup.