
IA Guidance Executive Summary

Computer Security

SSE-100-1, National Security Agency Information Assurance Guidance for Systems Based on a Security Real-Time Operating System

The emergence of commercial off-the-shelf (COTS) real-time operating systems (RTOS) with the capability to process data at multiple classification levels on a single processor while maintaining the necessary data separation has generated significant interest, particularly among embedded system developers. The opportunity to leverage this technology to reduce size, weight and power requirements, or to provide more capabilities within an existing footprint, drove the need for appropriate Information Assurance (IA) guidance to enable these gains. The National Security Agency (NSA) established a cross-organizational team to develop the necessary IA guidance, and this document is the product of that effort.

Within this document, the term Security Real-Time Operating System (SRTOS) is defined as a separation kernel-based RTOS that has undergone an appropriate security evaluation. Four operational scenarios are described in detail with the intent that any given embedded system would be similar to one of them. For three of the scenarios, detailed IA guidance is provided that can be tailored and applied. The IA guidance for the fourth scenario is that the system be re-architected, because no reasonable IA guidance would provide sufficient protection to counter the threat. The IA guidance provided in this document addresses many topics, including the robustness level of components, layering of components, component re-evaluation, use of cache and direct memory access, partitioning, scheduling, communications, devices, covert channel analysis, initialization, life cycle protection measures, and other topics. This IA guidance is targeted at the systems engineers and Information Systems Security Engineers (ISSEs) who are developing embedded systems that will be based on an SRTOS and will perform security-critical functions such as the separation of data at multiple classification levels.


Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009


National Security Agency / Central Security Service