| name |
L4Re Secure Separation Kernel, Version CC 1.0.2 |
NPCT7xx TPM2.0 rev 1.59 (configuration version 1.1.2.2) (ANSSI-CC-2024/09) |
| category |
Operating Systems |
Trusted Computing |
| scheme |
DE |
FR |
| status |
active |
active |
| not_valid_after |
15.04.2031 |
17.04.2029 |
| not_valid_before |
16.04.2026 |
17.04.2024 |
| cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/EUCC-3087-2026-04-0003%20Certificate.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/Certificat-CC-2024_09fr%201.1.2.2.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/EUCC-3087-2026-04-0003%20Report.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2024_09fr%201.1.2.2.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/EUCC-3087-2026-04-0003%20Security%20Target.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-cible-CC-2024_09en%201.1.2.2.pdf |
| manufacturer |
Kernkonzept GmbH |
Nuvoton Technology |
| manufacturer_web |
https://kernkonzept.com |
|
| security_level |
EAL4+, ALC_FLR.3 |
EAL4+, ALC_FLR.1, ALC_DVS.2, AVA_VAN.4 |
| dgst |
2177f30fc1028d8d |
aac4c61aee502a1e |
| heuristics/cert_id |
BSI-DSZ-CC-1177-V2-2026 |
ANSSI-CC-2024/09 |
| heuristics/cert_lab |
BSI |
[] |
| heuristics/cpe_matches |
{} |
cpe:2.3:h:nuvoton:npct7xx:-:*:*:*:*:*:*:* |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ALC_DEL.1, ATE_FUN.1, ASE_INT.1, ALC_LCD.1, ADV_FSP.4, ADV_TDS.3, AGD_OPE.1, ASE_CCL.1, ADV_ARC.1, ATE_COV.2, ASE_SPD.1, AVA_VAN.3, ATE_IND.2, ALC_CMC.4, ALC_TAT.1, ATE_DPT.1, ASE_ECD.1, AGD_PRE.1, ALC_DVS.1, ASE_TSS.1, ADV_IMP.1, ASE_REQ.2, ALC_FLR.3, ALC_CMS.4, ASE_OBJ.2 |
AVA_VAN.4, ALC_FLR.1, ALC_DVS.2 |
| heuristics/extracted_versions |
1.0.2 |
1.59, 2.0, 1.1.2.2 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
BSI-DSZ-CC-1177-2025 |
ANSSI-CC-PP-2021/02 |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
BSI-DSZ-CC-1177-2025 |
ANSSI-CC-PP-2021/02 |
| heuristics/scheme_data |
- category: Operating systems
- cert_id: EUCC-3087-2026-04-0003
- certification_date: 16.04.2026
- enhanced:
- applicant: Kernkonzept GmbH Buchenstraße 16 b 01097 Dresden Deutschland
- assurance_level: EAL4+,ALC_FLR.3
- certification_date: 16.04.2026
- description: The TOE is the L4Re Secure Separation Kernel CC 1.0.1 (L4Re SSK). L4Re SSK is a distribution of the open-source L4Re Operating System Framework. As such it is based on the L4Re Microkernel. The L4Re Microkernel is a 3rd-generation microkernel with a state-of-the-art capability-based mandatory access control security model. It allows the separation of applications into different security domains, information flow control, and, subject to access control, dynamic assignment of resources and communication channels. Further the L4Re Microkernel supports static workloads alongside dynamic workloads, which allows to start, restart and shutdown applications during runtime. L4Re SSK is configured to act as a separation kernel, to provide the security features claimed by the ST. The TOE supports native applications as well as virtual machines (VMs). Access to every resource including but not limited to memory, hardware devices and CPU cores is protected by capabilities. Applications and VMs can only access a resource if they possess a capability with suitable permissions for that resource.
- entries: [frozendict({'id': 'EUCC', 'description': 'L4Re SSK is configured to act as a separation kernel, to provide the security features claimed by the ST. The TOE supports native applications as well as virtual machines (VMs). Access to every resource including but not limited to memory, hardware devices and CPU cores is protected by capabilities. Applications and VMs can only access a resource if they possess a capability with suitable permissions for that resource.'}), frozendict({'id': 'BSI', 'description': 'Certificate'})]
- evaluation_facility: atsec information security GmbH
- expiration_date: 15.04.2031
- product: L4Re Secure Separation Kernel, Version CC 1.0.2
- product: L4Re Secure Separation Kernel, Version CC 1.0.2
- url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Betriebssysteme/1177_1177V2.html
- vendor: Kernkonzept GmbH
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
ANSSI-CC-PP-2021/02 |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
ANSSI-CC-PP-2021/02 |
| heuristics/protection_profiles |
{} |
edccaca44d27fedc |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/anssi-profil-pp-2021_02en.pdf |
| pdf_data/cert_filename |
EUCC-3087-2026-04-0003 Certificate.pdf |
Certificat-CC-2024_09fr 1.1.2.2.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
- DE:
- BSI-DSZ-CC-1177-V2-2026: 1
- EUCC-3087-2026-04-0003: 1
|
- FR:
- ANSSI-CC-2024/09: 2
- ANSSI-CC-PP-2021/02: 1
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
- ALC:
- ALC_DVS.2: 1
- ALC_FLR.1: 2
- AVA:
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
- ISO:
- ISO/IEC 15408: 2
- ISO/IEC 18045: 2
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
EUCC-3087-2026-04-0003 Report.pdf |
ANSSI-CC-2024_09fr 1.1.2.2.pdf |
| pdf_data/report_frontpage |
- FR:
- DE:
- cert_id: BSI-DSZ-CC-1177-V2-2026
- cert_item: L4Re Secure Separation Kernel, Version CC 1.0.2
- cert_lab: BSI
- developer: Kernkonzept GmbH
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
|
|
| pdf_data/report_keywords/cc_cert_id |
- DE:
- BSI-DSZ-CC-1177-: 1
- BSI-DSZ-CC-1177-2025: 2
- BSI-DSZ-CC-1177-V2-2026: 18
- EUCC-3087-2026-04-0003: 18
|
- FR:
- ANSSI-CC-2024/09: 2
- ANSSI-CC-PP-2021/02: 2
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
|
|
| pdf_data/report_keywords/cc_sar |
|
- ALC:
- ALC_DVS.2: 1
- ALC_FLR: 1
- ALC_FLR.1: 2
- AVA:
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
- OE:
- OE.HARDWARE: 1
- OE.NOEVIL: 1
- OE.PHYSICAL: 1
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- BSI:
- AIS 1: 1
- AIS 14: 1
- AIS 17: 1
- AIS 19: 1
- AIS 23: 1
- AIS 32: 1
- AIS 38: 1
- ISO:
- ISO/IEC 15408: 2
- ISO/IEC 17065: 2
- ISO/IEC 18045: 2
|
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- ConfidentialDocument:
- ETR] Final Evaluation Technical Report, Version 1.1, 24.03.2026, atsec information security GmbH, (confidential document) [ConfList] L4Re Secure Separation Kernel CC 1.0.2 Konfigurationsliste, Version 1.2, 2026-01-26: 1
- GmbH (confidential document) [ConfGuide] L4Re Configuration Guidance, Version 15, 2025-11-28, Kernkonzept GmbH [DevGuide: 1
|
|
| pdf_data/report_metadata |
- /CreationDate: D:20260420085327+02'00'
- /Creator: Writer
- /Keywords: Common Criteria, Certification, Zertifizierung, L4Re, Kernkonzept, Mikrokernel
- /Producer: LibreOffice 5.3
- /Title: Certification Report EUCC-3087-2026-04-0003 ;BSI-DSZ-CC-1177-V2-2026
- pdf_file_size_bytes: 343571
- pdf_hyperlinks: https://www.bsi.bund.de/zertifizierung, https://www.kernkonzept.com/cybersecurity-information/, https://www.commoncriteriaportal.org/, http://www.commoncriteriaportal.org/, https://www.bsi.bund.de/zertifizierungsreporte, https://certification.enisa.europa.eu/publications/eucc-state-art-documents_en, https://euvd.enisa.europa.eu/, https://www.bsi.bund.de/AIS, https://eur-lex.europa.eu/eli/reg_impl/2025/2462/oj
- pdf_is_encrypted: False
- pdf_number_of_pages: 18
|
|
| pdf_data/st_filename |
EUCC-3087-2026-04-0003 Security Target.pdf |
ANSSI-cible-CC-2024_09en 1.1.2.2.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
- DE:
- BSI-DSZ-CC-1177-v2-2026: 2
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
|
- EAL:
- EAL 4: 1
- EAL 4 augmented: 1
- EAL4: 2
- EAL4 augmented: 1
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.4: 1
- ADV_IMP.1: 1
- ADV_TDS.3: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.4: 1
- ALC_CMS.4: 1
- ALC_DEL.1: 1
- ALC_DVS.1: 1
- ALC_FLR.3: 6
- ALC_LCD.1: 1
- ALC_TAT.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV.2: 1
- ATE_DPT.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
- ALC:
- ALC_DVS.1: 1
- ALC_DVS.2: 4
- ALC_FLR.1: 3
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FDP:
- FDP_ACC: 30
- FDP_ACC.1: 4
- FDP_ACC.2: 8
- FDP_ACF: 30
- FDP_ACF.1: 20
- FDP_IFC.2: 7
- FDP_IFC.2.1: 1
- FDP_IFC.2.2: 1
- FDP_IFF.1: 6
- FDP_IFF.1.1: 1
- FDP_IFF.1.2: 1
- FDP_IFF.1.3: 1
- FDP_IFF.1.4: 1
- FDP_IFF.1.5: 1
- FDP_RIP.1: 5
- FDP_RIP.1.1: 1
- FIA:
- FIA_UID.2: 6
- FIA_UID.2.1: 1
- FMT:
- FMT_MSA: 39
- FMT_MSA.1: 5
- FMT_MSA.3: 15
- FMT_MTD: 5
- FMT_MTD.1: 1
- FMT_SMF: 1
- FMT_SMF.1: 5
- FMT_SMF.1.1: 1
- FMT_SMR: 6
- FMT_SMR.1: 6
- FPR:
- FPR_UNO.1: 5
- FPR_UNO.1.1: 1
|
- FCO:
- FCS:
- FCS_CKM: 12
- FCS_CKM.1: 12
- FCS_CKM.2: 4
- FCS_CKM.4: 14
- FCS_CKM.4.1: 1
- FCS_COP: 21
- FCS_COP.1: 11
- FCS_RNG.1: 4
- FCS_RNG.1.1: 1
- FCS_RNG.1.2: 1
- FDP:
- FDP_ACC: 21
- FDP_ACC.1: 35
- FDP_ACC.2: 2
- FDP_ACF: 23
- FDP_ACF.1: 35
- FDP_ETC: 6
- FDP_ETC.1: 2
- FDP_ETC.2: 4
- FDP_IFC.1: 20
- FDP_ITC: 6
- FDP_ITC.1: 11
- FDP_ITC.2: 13
- FDP_ITT.1: 3
- FDP_ITT.1.1: 1
- FDP_RIP.1: 3
- FDP_RIP.1.1: 1
- FDP_SDI.1: 3
- FDP_SDI.1.1: 1
- FDP_UCT: 7
- FDP_UCT.1: 2
- FDP_UIT: 9
- FDP_UIT.1: 4
- FIA:
- FIA_AFL: 12
- FIA_AFL.1: 8
- FIA_ATD.1: 1
- FIA_SOS.1: 1
- FIA_SOS.2: 3
- FIA_SOS.2.1: 1
- FIA_SOS.2.2: 1
- FIA_UAU.1: 7
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UAU.5: 3
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UAU.6: 3
- FIA_UAU.6.1: 1
- FIA_UID.1: 7
- FIA_UID.1.1: 1
- FIA_UID.1.2: 1
- FIA_USB.1: 3
- FIA_USB.1.1: 1
- FIA_USB.1.2: 1
- FIA_USB.1.3: 1
- FMT:
- FMT_MOF: 3
- FMT_MOF.1: 1
- FMT_MSA: 51
- FMT_MSA.1: 15
- FMT_MSA.2: 4
- FMT_MSA.2.1: 1
- FMT_MSA.3: 22
- FMT_MSA.4: 3
- FMT_MTD: 6
- FMT_MTD.1: 2
- FMT_SMF.1: 13
- FMT_SMF.1.1: 1
- FMT_SMR.1: 21
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FPT_FLS: 7
- FPT_FLS.1: 2
- FPT_ITT.1: 3
- FPT_ITT.1.1: 1
- FPT_PHP.3: 3
- FPT_PHP.3.1: 1
- FPT_STM.1: 2
- FPT_STM.1.1: 1
- FPT_TDC.1: 1
- FPT_TST.1: 5
- FPT_TST.1.1: 1
- FPT_TST.1.2: 1
- FPT_TST.1.3: 1
- FTP:
- FTP_ITC: 3
- FTP_ITC.1: 5
- FTP_ITC.1.1: 1
- FTP_ITC.1.2: 1
- FTP_ITC.1.3: 1
- FTP_TRP.1: 5
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.ENVIRONMENT: 2
- A.NOEVIL: 2
- A.PHYSICAL: 2
- O:
- O.AVAILABILITY: 11
- O.CONFIDENTIALITY: 19
- O.INTEGRITY: 5
- OE:
- OE.HARDWARE: 2
- OE.NOEVIL: 2
- OE.PHYSICAL: 2
- T:
- T.DEPLETION: 2
- T.DISCLOSURE: 2
- T.MODIFICATION: 2
|
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
- AES_competition:
- AES:
- AES: 9
- AES-: 1
- AES-256: 2
- constructions:
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
- NIST:
- NIST P-384: 1
- P-256: 2
- P-384: 3
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
- FI:
- Malfunction: 2
- Physical Tampering: 2
- malfunction: 2
- physical tampering: 2
- SCA:
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
|
- BSI:
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- FIPS:
- FIPS 140-2: 3
- FIPS 180-1: 1
- FIPS 180-4: 1
- FIPS 186-3: 4
- FIPS 197: 2
- FIPS 198-1: 2
- FIPS PUB 186-4: 1
- FIPS140-2: 2
- FIPS180-4: 1
- FIPS186-4: 2
- FIPS198-1: 1
- ISO:
- ISO/IEC 10116:2006: 1
- ISO/IEC 14888-3: 1
- ISO/IEC 15408: 2
- ISO/IEC 15946-1: 1
- ISO/IEC 18033-3: 1
- ISO/IEC 9797-2: 1
- PKCS:
- RFC:
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
|
| pdf_data/st_metadata |
- /Author: Kernkonzept GmbH
- /CreationDate: D:20260126154027+01'00'
- /Creator: Writer
- /Keywords: L4Re Operating System Framework, L4Re Hypervisor, Microkernel, Operating system
- /Producer: LibreOffice 25.8.4.2 (X86_64) / LibreOffice Community
- /Subject: L4Re SSK
- /Title: Security Target for L4Re Secure Separation Kernel CC 1.0.2
- pdf_file_size_bytes: 1209582
- pdf_hyperlinks: https://l4re.org/doc/group__l4__icu__api.html
- pdf_is_encrypted: False
- pdf_number_of_pages: 61
|
|
| state/cert/convert_garbage |
None |
None |
| state/cert/convert_ok |
True |
True |
| state/cert/download_ok |
True |
True |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
None |
None |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
None |
None |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |