On Sep 28, 2014, at 7:00 AM, Dave G4UGM <dave.g4ugm at gmail.com> wrote:
Liam,
He probably can't say. However I still don't think CC security evaluation is
anything like a mathematical proof the program works as specified, it is also very
expensive and time consuming?
CC evaluation comes in different levels of rigor. I?ve done EAL2. That involves high
level specs, design reviews, and testing. EAL4 adds substantially more design specs and
source code review. I don?t remember the detailed rules for EAL7, but I?m pretty sure it
includes formal specifications and formal analysis of the code.
Yes, I can say; I learned about it from the supplier?s press release. It?s Lynx OS.
paul