Ensuring the safety and reliability of software is always a time-consuming task. After a three-year testing cycle, the National Information Assurance Partnership (NIAP) has certified Green Hills Software’s real-time operating system to the highest level approved to date.
The Integrity-178B operating system has been certified to Common Criteria Evaluation Assurance Level (EAL) 6+ by NIAP, a U.S. government initiative operated by the National Security Agency (NSA). That level is approved to protect classified information and other high value resources at risk of attack from hostile and well-funded attackers, according to GHS.
A small number of operating systems are now certified to EAL 5, which protects against attackers' moderate attack potential, according to NIAP. Common operating systems such as Microsoft Windows XP are certified to EAL 4, which only protects against inadvertent or casual attacks.
Testing to Level 6 includes extensive attacks by NSA researchers who attempted to penetrate the software. The examination also included outside examination performed by Rockwell Collins, which used formal methods to test the software. Mathematical reasoning was used to establish digital system properties.
“No other operating system has been evaluated with this degree of rigor,” said Raymond Richards, Principal Engineering Manager at Rockwell Collins Advanced Technology Center. “We used machines ordered from the Air Force Research Laboratory. We wanted to perform an analysis that was independent of platforms.”
Security certification also extends to the processes used by GHS to ensure that the software cannot be tampered with or stolen. To ensure this aspect, the company bought an old bank office where many of its computers are isolated.
“Much of the work is done on servers secured in a bank vault using two-person access controls. No one person knows the full entry code,” said Mark Griglock, Vice President of Engineering for Safety and Security Critical Products, GHS.
Security and high reliability have always been a centerpiece of the company’s design efforts. Its software and development tools are widely used throughout the defense and aerospace industries. One of the latest design-ins came in the NASA’s Orion spacecraft, which will be used for lunar landings.