Submitted by Wind River Linux Secure, a secure embedded Linux, is in evaluation by the National Information Assurance Partnership (NIAP) to be certified to Common Criteria Evaluation Assurance Level 4+ (EAL4+), conforming to the General Purpose Operating System Protection Profile. Upon certification completion to Common Criteria EAL4+, Wind River Linux Secure is expected to be the first commercial embedded Linux operating system accepted by NIAP.
I didn’t know of these security/embedded concerns and certification processes/organisms. It’s a shame that I’m just as ignorant after reading the linked article: unless you’re already in the field, you won’t know what it’s talking about. It’s a shame the author of the post in unknown as all that can be read is “posted on…”.
It’s a shame I’m still asking myself a few questions: if this Wind River linux is the first secure embedded Linux-based OS to be certified, what other certified OSes are there? I guess there are several similar Linux-based embedded/and or secure OS… what’s their status as to running for that certification? why hasn’t any Linux OS applied before as they are not new? It’s hinted somewhere that the process is difficult. In what aspects of it? what are the constraints that make it that drastic ?