About IA at NSA
Partners
Rowlett Awards
Award Recipients
Background
Nomination Procedures
Links
IA News
IA Events
Open for Registration
Closed for Registration
Scheduled
IA Guidance
Media Destruction Guidance
Security Configuration Guides
Applications
Archived Guides
Cisco Router Guides
Current Guides
Database Servers
Fact Sheets
IPv6
Operating Systems
Apple Mac Operating Systems
Linux
Microsoft Windows
Sun Solaris
Supporting Documents
Switches
VoIP and IP Telephony
Vulnerability Technical Reports
Web Server and Browser Guides
Wireless
Standards Profiles
System Level IA Guidance
TEMPEST Overview
TEMPEST Products: Level I
Certified
Confirmed Deficiencies
Suspended
Terminated
No Longer Produced
TEMPEST Products: Level II
Certified
Confirmed Deficiencies
Suspended
Terminated
No Longer Produced
TEMPEST Company POCs
Certified
Suspended
Terminated
TEMPEST Zoned Equipment
IA Academic Outreach
National Centers of Academic Excellence in IA Education
CAE/IAE Program Criteria
CAE-R Program Criteria
Colloquium
Institutions
SEAL Program
Applying
FAQs
IA Courseware Evaluation Program
Institutions
FAQs
Student Opportunities
IA Business and Research
IA Business Affairs Office
Certified Product Sales and Support
Commercial COMSEC Evaluation Program
Commercial Satellite Protection Program
Independent Research and Development Program
User Partnership Program
National IA Research Laboratory
Partnerships with Industry
NIAP and COTS Product Evaluations
IA Programs
Global Information Grid
High Assurance Platform
Releases
Computing Platform Architecture and Security Criteria
IA Training and Rating Program
Inline Media Encryptor
Suite B Cryptography
IA Careers
Contact Information
|
IA Guidance Executive Summary
The emergence of commercial off-the-shelf (COTS) real-time operating systems (RTOS) with the capability to support processing data at multiple classification levels on a single processor while maintaining the necessary data separation has generated significant interest, particularly by embedded system developers. The opportunity to leverage this technology to reduce size, weight and power requirements or to provide more capabilities within an existing footprint drove the need for appropriate Information Assurance (IA) guidance to enable these gains. The National Security Agency (NSA) established a cross-organizational team to develop the necessary IA guidance and this document is the product of that effort. Within this document the term Security Real-Time Operating System (SRTOS) is defined as a separation kernel-based RTOS that has undergone an appropriate security evaluation. Four operational scenarios are described in detail with the intent that any given embedded system would be similar to one of them. For three of the scenarios detailed IA guidance is provided that can be tailored and applied. The IA guidance for the fourth scenario is that it be re-architected because any reasonable IA guidance would not provide sufficient protection to counter the threat. The IA guidance provided in this document addresses many topics including the robustness level of components, layering components, component re-evaluation, use of cache and direct memory access, partitioning, scheduling, communications, devices, covert channel analysis, initialization, life cycle protection measures, and other topics. This IA guidance is targeted at the systems engineers and Information Systems Security Engineers (ISSE) that are developing embedded systems that will be based on a SRTOS and will perform security critical functions such as the separation of data at multiple classification levels. |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |