On Sep 28, 2014, at 7:00 AM, Dave G4UGM<dave.g4ugm
at gmail.com> wrote:
Liam,
He probably can't say. However I still don't think CC security evaluation is
anything like a mathematical proof the program works as specified, it is also very
expensive and time consuming?
CC evaluation comes in different levels of rigor. I?ve done EAL2. That
involves high level specs, design reviews, and testing. EAL4 adds substantially more
design specs and source code review. I don?t remember the detailed rules for EAL7, but
I?m pretty sure it includes formal specifications and formal analysis of the code.
Yes, I can say; I learned about it from the supplier?s press release. It?s Lynx OS.
paul
Interesting home page... but I only see the DO-178B level A cert
addressed. Lots of references to secure code but no CC or EAL cert.
How about a link or something...
Steve