
From a DO-178B Certified Separation Kernel to Common Criteria Security Certification 2011-01-2777

DO-178B avionic software safety has been largely based upon the assumption that rigorous development and verification processes are uniformly applied to the entire product (which is typically small or developed from scratch, and is extensively tested). Security certification under the Common Criteria (CC), on the other hand, has traditionally also had in mind the analysis and gradual improvement of existing systems. For such scenarios, simply redoing the entire design is not feasible. This leads to a slightly different emphasis in the presentation of artifacts, which is of interest not only in a CC certification context but also, for example, when reviewing requirement-based descriptions of systems.

In cooperation with the DFKI evaluation laboratory, we have drafted a security target instantiating security properties (Security Functional Requirements, SFRs) of the PikeOS separation kernel, which has undergone certification for DO-178B. The security target was initially based on the Separation Kernel Protection Profile (SKPP) but is now written stand-alone, without using a protection profile, compatible with the current version of the CC. In the German research project SeSaM [SeS11] we prepare Common Criteria certification artifacts for a DO-178B certified separation kernel with a view to a high-level CC certification. We report on our approach and experiences in generating artifacts from a DO-178B/DO-178C perspective and on lessons learned when dealing with the CC.

