SYSGO's PikeOS achieved Security Certification Evaluation according to French National Security Agency
A French security test lab has officially evaluated a security product built on PikeOS. The product has been developed by a world technology leader for defense and security. The French CESTI lab is an accredited security evaluation laboratory for Common Criteria security evaluations, also commonly referred to as Information Technology Security Evaluation Facilities (ITSEF). As a result, a certificate called "Certification de Sécurité de Premier Niveau" (CSPN), also called First Level Security Certification was delivered by the French Network and Information Security Agency (ANSSI).
The CSPN certificate states that the product successfully underwent through an evaluation performed by a recognized ITSEF in a restricted time and framework but with procedures used for Common Criteria EAL certification. Preliminary evaluation work is intended to:
- check product conformance to security specifications,
- perform some theoretical measurements and go through known vulnerabilities of other products in the same category,
- stress-test the product in an attempt to breach its security functions.
ANSSI has signed the Common Criteria Mutual Recognition Arrangement that enables the recognition, by the signatory countries of the agreement (including USA as well as major countries in Europe and Asia), of certificates issued within the scope of Common Criteria certification frameworks.
“We are pleased to have passed this official and demanding test conducted under the authority of the French national security agency,” said Jacques Brygier, VP Marketing of SYSGO. “This certificate is just one of the many activities we have in the area of security. Besides on-going efforts in finalizing formal code verification of the PikeOS micro-kernel for Common Criteria EAL 7, and creating artifacts for Common Criteria EAL 5+, we are involved in various industrial projects requiring the highest level of security.”
Common Criteria (CC) EAL level conformance is not the goal of this type of preliminary evaluation, but the rigor and the quality associated with the CSPN process validate the strong security capabilities of PikeOS. Through its avionics DO-178B certification, the most stringent safety standard in the industry, PikeOS already met many requirements mandatory for the highest level of security.
PikeOS enables multiple operating system interfaces, called Guest OS, to work on separate sets of resources within a single machine. Examples of Guest OS include Linux, POSIX®, Android, RTEMS, ARINC 653 and many others. A Windows Guest OS is currently being developed. Because of the resource separation enforced by the PikeOS microkernel, multiple applications with different safety and security requirements and belonging to different Guest OS are able to co-exist on the same hardware platform. The PikeOS microkernel architecture allows it to be used in cost sensitive, resource constrained devices as well as large, complex systems. The simplicity and compactness of the PikeOS design results in real-time performance that competes head-to-head with conventional proprietary RTOS solutions.
PikeOS supports many different single- and multi-core processor architectures such as x86, PowerPC, MIPS, ARM, SPARC or SH. Support of multi-core offers a flexible approach to the user who can select an execution model ranging from a pure AMP (Asymmetric Multi Processing) to full SMP (Symmetric Multi-Processing). PikeOS is certifiable to safety standards like DO-178B, IEC 61508 or EN 50128, is MILS-compliant, and is currently involved in various security standard CC EAL certification projects.
More information at www.sysgo.com/pikeos