Articles

Cyber Security Robustness of an Embedded Computing System with Trusted Computing Measures Built-in

December 16, 2020

Published in Military & Aerospace Electronics

Authored by Richard Jaenicke of Green Hills Software and Steve Edwards of Curtiss-Wright.

Systems designers who are considering creating a trusted computing platform able to host cross-domains solutions (CDS) and other multi-level security (MLS) applications have some decisions to make about software and hardware concerns. First, the designer needs to understand the levels of security functionality and assurance that a robust trusted-computing solution needs.

The international standard for security evaluation of an information technology (IT) product or technology is the Common Criteria for Information Technology Security Evaluation (ISO/IEC 15408) -- simply referred to as the Common Criteria (CC).

The Common Criteria provides common requirements for computer security and for assurance measures applied to those IT products during a security evaluation. Evaluations can be done to different levels of depth and rigor, called Evaluation Assurance Levels (EAL). Each EAL defines security-assurance requirements: EAL 1 is the least rigorous and EAL 7 is the most rigorous.

By definition, an EAL addresses only assurance requirements and not functional requirements of a security solution. This can lead to applying rigorous evaluation methods to very lax security functionality. The Common Criteria explicitly acknowledges this up front:

“The CC is intentionally flexible, enabling a range of evaluation methods for a range of security in IT products. Therefore users of the standard are cautioned to exercise care that this flexibility is not misused. For example, using the CC in conjunction with unsuitable evaluation methods, irrelevant security properties, or inappropriate IT products, may result in meaningless evaluation results.”

Read the full article.

 

Share This Article

  • Share on Linkedin
  • Share on Twitter
  • Share on Facebook
  • Share on Google+
Want to add a comment? Please login
Loading...
Connect With Curtiss-Wright Connect With Curtiss-Wright Connect With Curtiss-Wright
Sales

CONTACT SALES

Contact our sales team today to learn more about our products and services.

YOUR LOCATION

PRODUCT INFORMATION

Support

GET SUPPORT

Our support team can help answer your questions - contact us today.

REQUEST TYPE

SELECT BY

SELECT Topic