RSS
News & PressGreen Hills Software Rebuts Misinformation Propagated by Wind RiverSanta Barbara, CA —November 2, 2009—Green Hills Software, Inc., the world leader in secure operating systems and the largest independent vendor of embedded software solutions, today responded to false and misleading statements made by Marc Brown, vice president, VxWorks Product Strategy and Marketing for Wind River. He is quoted by Military Embedded Systems at http://www.mil-embedded.com/articles/id/?4281 as saying that Green Hills Software’s INTEGRITY®-178B real-time operating system is not certified under EAL6+. In response to a question about the INTEGRITY-178B operating system, he replied:
This statement is false. The INTEGRITY-178B operating system is certified to EAL6+ (and High Robustness). It is printed directly on the certificate found on the NIAP web site (http://www.niap-ccevs.org/st/st_vid10119-ci.pdf) and signed by Directors of NIAP and the NSA. The certificate says “Assurance Level: EAL6+, High Robustness” just above the “Original Signed By” in the lower left signature block.
Built from the Ground Up for High Robustness Let’s set the record straight: the INTEGRITY operating system was originally designed and developed for the purpose of formal security evaluation with a deep understanding of the mathematical basis of operating system security. The first deployment of the INTEGRITY operating system was for a nuclear weapons delivery system: the B1-B intercontinental nuclear bomber flight systems, navigation systems, and weapons systems. Other early deployments of the INTEGRITY operating system were for equally security critical systems: the B-52 and F-16 aircraft. Today, the INTEGRITY-178B operating system is being designed or has been deployed into almost every major next-generation commercial and military aircraft, including Boeing’s new 787 Dreamliner, Airbus’ new A380 and A350 Airliners, Lockheed Martin’s F-35 Lightning II Joint Strike Fighter, F-22 Raptor, C-130J Super Hercules, and the VH-71 Marine One helicopter, Airbus’ new A400M military transport, Northrop Grumman’s B-2 Spirit Stealth Bomber, Boeing’s C-17 Globemaster III military transport, Sikorsky’s S-92 helicopter, Airbus’ A320, A330 and A340 Airliners and Boeing’s 737, 747, 757, 767 Airliners. Mr. Brown went on to say, "One of the reasons Green Hills is not listed on the NIAP’s website under systems evaluated to EAL6+ is that there are certain requirements that have to be satisfied in addition to developing in compliance to the SKPP." We list the INTEGRITY-178B operating system under High Robustness on the NIAP website rather than EAL6+ because an expert in the field (which excludes Wind River Marketing) understands that a High Robustness certification is significantly harder than an EAL6+ or EAL7 evaluation because the U.S. government added 133 explicit requirements over and above 154 EAL7 requirements (including formal methods and NSA penetration testing) from the Common Criteria menu, in order to meet High Robustness: protection of the most valuable resources against the most sophisticated attackers. On the other hand, to the best of our knowledge, VxWorks MILS 2.0 has never been deployed in anything or certified for anything. Until Wind River has achieved an EAL6+ or High Robustness certification, Wind River’s pronouncements on security should be given no more weight than medical advice from a medical student. Wind River Marketing: A Pattern of Certification Promises Broken
Nearing 2010, Wind River has failed to deliver on any of its certification promises for a separation kernel: DO-178B Level A, High Robustness, EAL6+, EAL7, or POSIX Profile 54. When Wind River says "certifiable" they mean "not certified" and it may not ever be certified. Green Hills Engineering: A Pattern of Certification Promises Fulfilled In contrast, here is a timeline of Green Hills Software’s separation kernel promises and deliveries:
INTEGRITY is a single technology, designed from the ground up to meet the highest levels of both safety and security, surrounded by world-leading development tools, an enormous ecosystem of device drivers and middleware, conformance to open standards, ability to run virtualized guest operating systems for maximum portability and reuse, more than a decade of customer success, and backed by a trustworthy, successful, independent vendor. "It is unfortunate that the acquisition of Wind River by Intel, a respected multinational corporation, has not curbed Wind River’s decade long pattern of irresponsible certification claims," commented Dan O’Dowd, chief executive officer and founder of Green Hills Software. "We had been hearing this misinformation about the INTEGRITY-178B operating system through the grapevine. Now, I think, we know where it is coming from. I demand an immediate retraction and apology from Wind River, and a promise to suppress the propagation of this misinformation by the Wind River organization." About Green Hills Software
|
|
|
North American Sales Contact: Media Contacts: |
International Sales Contact: |
