News & Press

Green Hills Software Selects SAIC for EAL6+ Security Evaluation of the
INTEGRITY Operating System

Evaluation to Begin Immediately Using Existing Software and Artifacts

Salt Lake City, UT, SSTC—April 19, 2005—Green Hills Software, Inc., the technology leader in operating systems and development tools for safe and secure systems, announced today that its INTEGRITY operating system is undergoing the most stringent security evaluation undertaken by any commercial operating system. Green Hills Software has selected Science Applications International Corporation (SAIC) to evaluate Green Hills Software’s INTEGRITY operating system for conformance with the Separation Kernel Protection Profile (SKPP) at Common Criteria Evaluation Assurance Level 6+ (EAL6+).

The SKPP is the most demanding Protection Profile currently defined. On the seven-level EAL scale, no operating system has previously been certified beyond EAL5.

As part of the security evaluation, Green Hills Software will provide SAIC with full assurance artifacts. These include extensive documentation of the INTEGRITY operating system, the process under which INTEGRITY was developed and is maintained, and evidence that the process is being followed. Green Hills Software must also provide a test suite and evidence that it completely tests all of the INTEGRITY operating system’s security functions. The artifacts also include a specification of the INTEGRITY operating system’s security policy and architecture using formal methods—statements in a mathematical or logical form along with proofs that the security policy and architecture will result in a secure system.

SAIC’s evaluation of the INTEGRITY operating system will begin immediately using assurance artifacts already developed for a production version of INTEGRITY. Formal methods for the INTEGRITY-178B operating system are being created by Rockwell Collins in an on-going effort under a contract from the United States Air Force Research Laboratory (AFRL). This security certification was initiated by the AFRL specifically to support improved security for a variety of future military programs. The AFRL was partially funded for this effort by the F-35 Joint Strike Fighter, F/A-22 Raptor, and Joint Unmanned Combat Air Systems (J-UCAS).

“Green Hills Software selected SAIC for this most stringent security evaluation due to its extensive experience,” said Dan O’Dowd, founder and CEO of Green Hills Software. “SAIC’s lab has carried out many security evaluations and has a proven ability to correctly evaluate products at the highest security assurance levels. We chose SAIC after carefully considering other testing laboratories. SAIC was far and away the most experienced laboratory and had the best understanding of the unique requirements for high-security evaluations.”

“We’re pleased that Green Hills Software has selected SAIC to evaluate the INTEGRITY operating system,” said Julie Taylor, assistant vice president/division manager at the SAIC Common Criteria Testing Laboratory. “The fact that Green Hills Software has already created and successfully used certification evidence and artifacts for the most stringent FAA safety certifications, makes them a particularly sophisticated and knowledgeable customer. These evaluation components have already been created and have been thoroughly scrutinized by other demanding evaluators at the FAA.”

About Common Criteria

The Common Criteria is an international standard agreed to by the United States Government and 19 other nations. It establishes standards for security functionality, security assurance, and security evaluation. For the very high level of security provided by the INTEGRITY operating system, this requires independent security evaluation by a government approved and certified testing laboratory as well as the NSA.

About Green Hills Software

Founded in 1982, Green Hills Software, Inc. is the technology leader for real-time operating systems and software development tools for 32- and 64-bit embedded systems. Our royalty-free INTEGRITY® RTOS, velOSity™ microkernel, compilers, MULTI® and AdaMULTI™ Integrated Development Environments and TimeMachine™ debugger offer a complete development solution that addresses both deeply embedded and high-reliability applications. Green Hills Software is headquartered in Santa Barbara, CA, with European headquarters in the United Kingdom. Visit Green Hills Software on the web at

Green Hills Software, the Green Hills logo, MULTI, INTEGRITY, velOSity, AdaMULTI, and TimeMachine are trademarks or registered trademarks of Green Hills Software, Inc. in the U.S. and/or internationally. All other trademarks are the property of their respective owners.

North American Sales Contact:
Green Hills Software, Inc.
30 West Sola Street,
Santa Barbara, CA 93101,
Tel: 805-965-6044
Fax: 805-965-6343

International Sales Contact:
Green Hills Software Ltd.
Fleming Business Centre
Leigh Road
Hampshire SO50 9PD
Tel: +44 (0)2380 649660
Fax: +44 (0)2380 649661


Media Contacts:
Green Hills Software, Inc.
Lynn J. Robinson
Tel: 805-965-6044

Green Hills Software, Inc.
Barbel French
Tel: 805-965-6044


Aug 29, 2005
Green Hills Software's INTEGRITY-178B Operating System Achieves Major Milestone in Most Stringent OS Security Evaluation
Jul 6, 2005
Green Hills Software’s INTEGRITY-178B Operating System to Be Deployed Throughout the Boeing 787
Jun 15, 2005
Airbus A380 Flies with Green Hills Software’s INTEGRITY-178B Operating System
Jun 14, 2005
EADS Deutschland GmbH Selects Green Hills Software’s INTEGRITY-178B Operating System for Airbus A400M Military Avionics Computers
Jun 8, 2005
Green Hills Software Expands Safety and Security Initiatives
Jul 19, 2004
Green Hills Software Powers Next-generation of Military Unmanned Aerial Vehicles

Aviation Week-Jul. 2005
Operating System Picked for 787 Controls Finds Applications in Secure Communications (pdf)

SD Times—Jun. 2005
Common Criteria or Common Confusion? (pdf)

RTC Magazine-Sep. 2004

Operating Systems: Shouldering the Security
and Safety Burden (pdf)

EE Times-Jun. 2004
Partitioning helps build system reliability
EE Times-Apr. 2004
Linux: unfit for national security? (pdf)
Avionics-Mar. 2004
Keeping Secrets in Integrated Avionics (pdf)
EE Times-Aug. 2003
Designing Secure Reliable Systems
EE Times-Apr. 2002
Proper RTOS designs can improve device security (pdf)
© 1996-2024 Green Hills Software Privacy Policy Cookies Policy Copyright & Patent Notices