Project deliverable Open Access

Technical Analysis of Available Assurance Techniques

Courrège, Jean-Christophe; Barrat-Gély, Claire; Culat, Jean-François

Barrat-Gély, Claire; Courrège, Jean-Christophe; Culat, Jean-Francois

This document presents a technical analysis of available assurance techniques proposed by the Common Criteria v3.1 (CC3.1) from Evaluation Assurance Level (EAL) 5 to EAL 7 to examine their applicability to a feasible transnational CC certification.

The conditions to international recognition of issued CC certificates are studied and several differentials are done showing what the prerequisites in terms of Security Assurance Requirements (SARs) are at EAL 5, 6 and 7 based on information available in CC3.1 and the Common Methodology for Information Technology Security Evaluation (CEM v3.1). EAL 5 evaluation is doable based on the CEM, EAL 6 evaluation requires the use of additional guidance and the gap to perform an EAL 7 evaluation is identified.

Finally a review of known evaluations at EAL 6 and 7 is done for resource management, for existing separation kernels/hypervisors compiled from published protection profiles, security targets or relevant publications.

Files (751.3 kB)
Name Size
751.3 kB Download
  • Application Notes and Interpretation of the Scheme (AIS), AIS34, v3, September 2009
  • Common Criteria for Information Technology Security Evaluation. Version 3.1, revision 4, vol. 1--3, September, 2012,
  • Common Methodology for Information Technology Security Evaluation, Evaluation methodology, September 2012, Version 3.1, revision 4
  • COTS Compartmentalized Operations Protection Profile Operating Systems, v2.0, 2008
  • Fox Crypto, Fort Fox Hardware Data Diode: Security Target Common Criteria FFHDD - EAL7+, 2010,
  • General-Purpose Operating System Protection Profile, v3.9, September 2012 draft
  • Green Hills Software INTEGRITY-178B Separation Kernel Security Target, v1.0, Ref. IN-ICR750-0100-GH01ST, 2008
  • Mutual Recognition Agreement of Information Technology Security Evaluation Certificates, v3.0, January 2010 [Note 12] Note d'application, réf. 12.1, Modélisation formelle des politiques de sécurité d'une cible d'évaluation, March 2008
  • Operating System Protection Profile, 2010, v2.0, BSI-CC-PP-0067
  • Security Target for PikeOS, v0.24, June 2013
  • Tenix Datagate Inc, Interactive link data diode device: Common Criteria security target, no. 9126P01000001, August, 2005,
  • U.S. Government Protection Profile for Separation Kernels in Environments Requiring High Robustness. No. Version 1.03, National Security Agency, June 2007.
  • Wind River VxWork MILS Platform, PO_VE_MILS_Platform.pdf, Rev 08/2010,
All versions This version
Views 1212
Downloads 77
Data volume 5.3 MB5.3 MB
Unique views 1212
Unique downloads 77


Cite as