Base MILS Platform Protection Profile

This is a Protection Profile (PP) according to the Common Criteria (CC). The PP serves as "base PP" of the modular PP. Note: The PP is a research output from the certMILS project.
That is, despite being a sincere effort that we have submitted to further feedback (https://zenodo.org/record/2541464), it has not undergone Common Criteria certification.

Whereas a Security Target (ST) always describes a specific Target of Evaluation (TOE), a Protection Profile (PP) is intended to describe a TOE type - in this case a Separation Kernel (SK) operating system. The same PP may therefore be used as a template for many different STs employed in different Common Criteria evaluations.

This "Base PP" can be extended using defined "PP Modules" that are produced as certMILS deliverable D2.2 (https://www.zenodo.org/record/2586507). These PP modules describe optional security functionality of an SK (that may cover additional threats). Together with the base PP, these build a “PP Configuration”.

The base PP first provides an overview of the type of TOE. The relevant normative text is identified (Common Criteria version 3.1 revision 5) and the security problem is defined. The resolution of that security problem is achieved through security objectives for the TOE and its environment. These objectives are re-expressed as formal security functional requirements that the TOE must implement and as assumptions that the environment must satisfy.

A PP is a living document, so this deliverable should be perceived as a snapshot of the certMILS partners at M16 that will be constantly extended, based on the internal and external feedback.