Protection against cyberattacks is becoming increasingly important. Data and IP theft are bad, because data is the gold of the 21st century. Sabotage of real-time and Safety applications is even worse. After all, life and limb are at stake here.
To best secure IoT-connected systems in critical infrastructures, the highest Cybersecurity is required in addition to functional Safety. The leading standard is Common Criteria (CC), which is a worldwide recognized standard supported by many countries. Using compliance matrices, it is easy to achieve the levels of industry standards such as DO-356A/ED-203A, IEC 62443 or ISO/SAE 21434.
The presentation introduces the CC model, explains its functional and assurance components and, using the example of a secure gateway, explains how to proceed during development, what to look out for and what value an EAL 5+ certified RTOS offers in such applications.
Findings from the presentation include: By using the EAL 5+ certified OS as part of a CC EAL-certified Hardware Abstraction Layer (HAL), the Security domain is split into two layers: The application layer and the platform layer. Benefit: The scope of the CC evaluation is limited to the application layer. If the application layer uses the separation properties of the platform layer, components are isolated efficiently, and security goals are achieved more easily. Platform evaluation requires the extension of the CC certification of the OS.
More information at [ Ссылка ]
Chapters:
00:00 Introduction & Agenda
01:33 SYSGO's History in Security
02:37 PikeOS and Security
03:59 Cybersecurity Standards Landscape
05:41 Common Criteria Overview
06:42 CC Model, Security Components & EALs
11:34 CC Security Security Target Doc
12:34 PikeOS Scope in CC
15:48 PikeOS Evaluation Assurance Levels
17:29 Cybersecurity Standards Landscape
19:12 CC Security Model & ISO / SAE 21434 Security Model
20:00 Security Life Cycle
21:52 Use Case: Secure Gateway based on PikeOS
23:34 Use Case: Architecture
25:12 Use Case: TOE Environment Security Objectives
26:47 Summary
▬ About SYSGO ▬▬▬▬▬▬▬▬▬▬▬▬
SYSGO is the leading European manufacturer of embedded operating systems, supporting Safety and Security-critical applications in the aerospace, automotive, railway and IIoT industries.
PikeOS, the world's first SIL 4 certified real-time operating system with multi-core support. The hypervisor (Type 1), which runs directly on the hardware, is certified according to the strictest Safety standards such as IEC 61508, EN 50128 and ISO 26262. In terms of Security, PikeOS is currently the only separation kernel certified to Common Criteria (EAL5+). In addition, PikeOS offers a fully certified programming interface and thus enables application development according to the "Safe & Secure by Design" principle. For less critical systems, ELinOS is an industrial grade Linux distribution with real-time extensions for embedded systems.
info@sysgo.com | [ Ссылка ]
▬ More SYSGO Videos ▬▬▬▬▬▬▬▬▬
Subscribe to the SYSGO Channel: [ Ссылка ]
Watch all SYSGO Videos: [ Ссылка ]
▬ Social Media ▬▬▬▬▬▬▬▬▬▬▬▬▬
► LinkedIn: [ Ссылка ]
► LinkedIn Certified RTOS Group: [ Ссылка ]
► Facebook: [ Ссылка ]
► Twitter: [ Ссылка ]
► Instagram: [ Ссылка ]
► Xing: [ Ссылка ]
► SYSGO Blog: [ Ссылка ]
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
#security #cyberattack #certification #cc #cybersecurity
Gemafreie Musik (royalty free): [ Ссылка ]
