| name |
Sm@rtSIM CX Virgo v1.0 |
L4Re Secure Separation Kernel CC Version 1.0.1 |
| category |
ICs, Smart Cards and Smart Card-Related Devices and Systems |
Operating Systems |
| scheme |
UK |
DE |
| status |
archived |
active |
| not_valid_after |
03.08.2021 |
18.02.2030 |
| not_valid_before |
03.08.2016 |
18.02.2025 |
| cert_link |
|
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1177c_pdf.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/CRP297v1.0.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1177a_pdf.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/STlite297v2.2.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1177b_pdf.pdf |
| manufacturer |
G+D Mobile Security GmbH |
Kernkonzept GmbH |
| manufacturer_web |
https://www.gi-de.com/de/de/mobile-security/ |
https://kernkonzept.com |
| security_level |
EAL4+, ALC_DVS.2, AVA_VAN.5 |
EAL4+, ALC_FLR.3 |
| dgst |
fd1f25a8ebc12dd4 |
7929b54ea442ff99 |
| heuristics/cert_id |
CRP297 |
|
| heuristics/cert_lab |
[] |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ALC_DVS.2, AVA_VAN.5 |
ALC_FLR.3 |
| heuristics/extracted_versions |
1.0 |
1.0.1 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
BSI-DSZ-CC-0915-2016 |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
BSI-DSZ-CC-0915-2016 |
{} |
| heuristics/scheme_data |
|
- category: Operating systems
- cert_id: BSI-DSZ-CC-1177-2025
- certification_date: 18.02.2025
- enhanced:
- applicant: Kernkonzept GmbH Buchenstraße 16 b 01097 Dresden Deutschland
- assurance_level: EAL4+,ALC_FLR.3
- cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1177c_pdf.pdf?__blob=publicationFile&v=3
- certification_date: 18.02.2025
- description: The TOE is the L4Re Secure Separation Kernel CC 1.0.1 (L4Re SSK). L4Re SSK is a distribution of the open-source L4Re Operating System Framework. As such it is based on the L4Re Microkernel. The L4Re Microkernel is a 3rd-generation microkernel with a state-of-the-art capability-based mandatory access control security model. It allows the separation of applications into different security domains, information flow control, and, subject to access control, dynamic assignment of resources and communication channels. Further the L4Re Microkernel supports static workloads alongside dynamic workloads, which allows to start, restart and shutdown applications during runtime. L4Re SSK is configured to act as a separation kernel, to provide the security features claimed by the ST. The TOE supports native applications as well as virtual machines (VMs). Access to every resource including but not limited to memory, hardware devices and CPU cores is protected by capabilities. Applications and VMs can only access a resource if they possess a capability with suitable permissions for that resource.
- evaluation_facility: atsec information security GmbH
- expiration_date: 17.02.2030
- product: L4Re Secure Separation Kernel CC, Version 1.0.1
- report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1177a_pdf.pdf?__blob=publicationFile&v=3
- target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1177b_pdf.pdf?__blob=publicationFile&v=2
- product: L4Re Secure Separation Kernel CC, Version 1.0.1
- url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Betriebssysteme/1177.html
- vendor: Kernkonzept GmbH
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
BSI-DSZ-CC-0915-2016 |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
BSI-DSZ-CC-0915-2016 |
{} |
| heuristics/protection_profiles |
9399bd94f9925b16 |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/ANSSI-CC-profil_PP-2010-03en.pdf |
{} |
| pdf_data/cert_filename |
None |
None |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
CRP297v1.0.pdf |
|
| pdf_data/report_frontpage |
|
|
| pdf_data/report_keywords/cc_cert_id |
|
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 2: 2
- EAL 4: 1
- EAL 4 augmented: 1
- EAL1: 1
- EAL4: 1
- EAL5: 1
- EAL5 augmented: 1
- EAL7: 1
|
|
| pdf_data/report_keywords/cc_sar |
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- CC:
- CCMB-2012-09-001: 1
- CCMB-2012-09-002: 1
- CCMB-2012-09-003: 1
- CCMB-2012-09-004: 1
- ISO:
- SCP:
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
|
| pdf_data/report_metadata |
|
|
| pdf_data/st_filename |
STlite297v2.2.pdf |
|
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL 4: 2
- EAL 5: 2
- EAL4: 2
- EAL4 augmented: 2
|
|
| pdf_data/st_keywords/cc_sar |
|
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_ARP.1: 12
- FAU_ARP.1.1: 2
- FAU_SAS.1: 1
- FCO:
- FCS:
- FCS_CKM: 1
- FCS_CKM.1: 5
- FCS_CKM.1.1: 2
- FCS_CKM.2: 5
- FCS_CKM.2.1: 2
- FCS_CKM.3: 5
- FCS_CKM.3.1: 2
- FCS_CKM.4: 5
- FCS_CKM.4.1: 4
- FCS_COP: 11
- FCS_COP.1: 11
- FCS_COP.1.1: 5
- FCS_PHP.3: 1
- FDP:
- FDP_ACC: 11
- FDP_ACC.1: 3
- FDP_ACC.2: 9
- FDP_ACF: 12
- FDP_ACF.1: 28
- FDP_IFC: 16
- FDP_IFC.1: 3
- FDP_IFC.2: 6
- FDP_IFF: 16
- FDP_IFF.1: 28
- FDP_IFF.1.2: 1
- FDP_IFF.1.4: 1
- FDP_ITC: 14
- FDP_ITC.2: 15
- FDP_ITT.1: 1
- FDP_MSA.3: 1
- FDP_RIP: 53
- FDP_RIP.1: 23
- FDP_ROL: 13
- FDP_ROL.1: 11
- FDP_SDC.1: 1
- FDP_SDI.2: 8
- FDP_SDI.2.1: 3
- FDP_SDI.2.2: 2
- FDP_UIT: 10
- FDP_UIT.1: 6
- FIA:
- FIA_ATD: 4
- FIA_ATD.1: 2
- FIA_UAU: 6
- FIA_UAU.1: 4
- FIA_UAU.4: 2
- FIA_UID: 15
- FIA_UID.1: 6
- FIA_UID.2: 2
- FIA_USB: 4
- FIA_USB.1: 6
- FMT:
- FMT_LIM.1: 1
- FMT_LIM.2: 1
- FMT_MSA: 61
- FMT_MSA.1: 12
- FMT_MSA.2: 3
- FMT_MSA.3: 26
- FMT_MSA.3.1: 2
- FMT_MTD: 10
- FMT_MTD.1: 2
- FMT_MTD.3: 2
- FMT_SMF: 21
- FMT_SMF.1: 13
- FMT_SMF.1.1: 2
- FMT_SMR: 20
- FMT_SMR.1: 18
- FMT_SMR.1.1: 2
- FMT_SMR.1.2: 2
- FPR:
- FPR_UNO.1: 7
- FPR_UNO.1.1: 2
- FPT:
- FPT_FLS: 24
- FPT_FLS.1: 23
- FPT_FLS.1.1: 3
- FPT_PHP.3: 8
- FPT_PHP.3.1: 2
- FPT_RCV: 8
- FPT_RCV.3: 11
- FPT_TDC.1: 3
- FPT_TDC.1.1: 2
- FPT_TDC.1.2: 3
- FPT_TST.2: 1
- FRU:
- FTP:
|
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.APPLET: 3
- A.APPS-PROVIDER: 5
- A.CONTROLLING-AUTHORITY: 5
- A.DELETION: 8
- A.KEY-ESCROW: 5
- A.PERSONALIZER: 5
- A.PRODUCTION: 5
- A.VERIFICATION: 3
- A.VERIFICATION-AUTHORITY: 4
- D:
- D.API_DATA: 1
- D.APP_CODE: 1
- D.APP_C_DATA: 1
- D.APP_I_DATA: 3
- D.APP_KEYS: 6
- D.APSD_KEYS: 5
- D.CARD_MNGT_DATA: 1
- D.CASD_KEYS: 4
- D.CRYPTO: 4
- D.GP_CODE: 1
- D.ISD_KEYS: 3
- D.JCS_CODE: 1
- D.JCS_DATA: 1
- D.PIN: 2
- D.SEC_DATA: 2
- D.VASD_KEYS: 4
- O:
- O.AES: 1
- O.ALARM: 19
- O.APPLET: 16
- O.APPLI-AUTH: 7
- O.CIPHER: 12
- O.CODE_PKG: 14
- O.DELETION: 10
- O.DOMAIN-RIGHTS: 14
- O.FIREWALL: 27
- O.GLOBAL-ARRAYS-: 2
- O.GLOBAL-ARRAYS-CONFID: 3
- O.GLOBAL-ARRAYS-INTEG: 2
- O.GLOBAL_ARRAYS_CONFID: 7
- O.GLOBAL_ARRAYS_INTEG: 7
- O.HMAC: 1
- O.INPUT-VALIDATION: 1
- O.INSTALL: 16
- O.JAVAOBJECT: 41
- O.KEY-MNGT: 12
- O.LOAD: 19
- O.NATIVE: 13
- O.OBJ-DELETION: 6
- O.OPERATE: 26
- O.PIN-: 2
- O.PIN-MNGT: 9
- O.REALLOCATION: 11
- O.REMOTE: 3
- O.REMOTE_MTHD: 1
- O.REMOTE_OBJ: 1
- O.RESOURCES: 11
- O.RMI_SERVICE: 1
- O.RND: 2
- O.ROR: 1
- O.SCP: 88
- O.SCP-IC: 1
- O.SCP-SUPPORT: 3
- O.SHA: 1
- O.SID: 24
- O.TDES: 1
- O.TRANSACTION: 11
- OE:
- OE.AID-MANAGEMENT: 6
- OE.AP-KEYS: 7
- OE.APPLET: 8
- OE.APPS-PROVIDER: 6
- OE.BASIC-: 3
- OE.BASIC-APPS-VALIDATION: 5
- OE.CA-: 1
- OE.CA-KEYS: 6
- OE.CARD-: 5
- OE.CARD-MANAGEMENT: 29
- OE.CODE-: 4
- OE.CODE-EVIDENCE: 17
- OE.CONTROLLING-AUTHORITY: 6
- OE.KEY-CHANGE: 7
- OE.KEY-ESCROW: 6
- OE.KEY-GENERATION: 7
- OE.PERSONALIZER: 6
- OE.PRODUCTION: 11
- OE.QUOTAS: 6
- OE.SCP: 24
- OE.SECURE-APPS-CERTIFICATION: 2
- OE.SECURITY-DOMAINS: 6
- OE.SHARE-CONTROL: 8
- OE.VA-KEYS: 9
- OE.VERIFICATION: 39
- OE.VERIFICATION-AUTHORITY: 6
- OP:
- OP.ARRAY_ACCESS: 3
- OP.CREATE: 7
- OP.DELETE_APPLET: 4
- OP.DELETE_PCKG: 3
- OP.DELETE_PCKG_APPLET: 3
- OP.GET_ROR: 1
- OP.INSTANCE_FIELD: 3
- OP.INVK_INTERFACE: 6
- OP.INVK_VIRTUAL: 5
- OP.INVOKE: 1
- OP.JAVA: 6
- OP.PUT: 5
- OP.RET_RORD: 1
- OP.THROW: 4
- OP.TYPE_ACCESS: 4
- OSP:
- OSP.AID-MANAGEMENT: 4
- OSP.APSD-KEYS: 6
- OSP.BASIC-APPS-VALIDATION: 2
- OSP.CASD-KEYS: 6
- OSP.KEY-CHANGE: 6
- OSP.KEY-GENERATION: 6
- OSP.QUOTAS: 5
- OSP.SECURE-APPS-CERTIFICATION: 2
- OSP.SECURITY-DOMAINS: 6
- OSP.SHARE-: 1
- OSP.SHARE-CONTROL: 3
- OSP.VASD-KEYS: 6
- OSP.VERIFICATION: 9
- R:
- T:
- T.CONFID-APPLI-DATA: 20
- T.CONFID-JCS-: 2
- T.CONFID-JCS-CODE: 7
- T.CONFID-JCS-DATA: 9
- T.DELETION: 5
- T.EXE-CODE: 8
- T.EXECODE: 1
- T.INSTALL: 8
- T.INTEG-: 1
- T.INTEG-APPLI-: 7
- T.INTEG-APPLI-CODE: 14
- T.INTEG-APPLI-DATA: 21
- T.INTEG-JCS-: 2
- T.INTEG-JCS-CODE: 5
- T.INTEG-JCS-DATA: 13
- T.INTEG-USER-DATA: 12
- T.LIFE_CYCLE: 5
- T.NATIVE: 6
- T.OBJ-DELETION: 4
- T.PHYSICAL: 7
- T.RESOURCES: 8
- T.RNG: 1
- T.SECURE-DELETION: 1
- T.SECURE_DELETION: 9
- T.SID: 18
- T.UNAUTHORIZED_ACCESS: 5
- T.UNAUTHORIZED_CARD-: 1
- T.UNAUTHORIZED_CARD-MNGT: 1
- T.UNAUTHORIZED_CARD_MNGT: 5
|
|
| pdf_data/st_keywords/vendor |
- Broadcom:
- GD:
- G&D: 1
- Giesecke & Devrient: 17
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- DES:
- 3DES:
- TDEA: 1
- TDES: 2
- Triple-DES: 12
- DES:
- constructions:
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA-224: 2
- SHA-256: 2
- SHA-384: 1
- SHA-512: 2
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
- FI:
- Malfunction: 3
- physical tampering: 4
- SCA:
- DPA: 2
- Leak-Inherent: 2
- physical probing: 2
- other:
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- CC:
- CCMB-2012-09-001: 1
- CCMB-2012-09-002: 1
- CCMB-2012-09-003: 1
- CCMB-2012-09-004: 1
- FIPS:
- FIPS 180-4: 3
- FIPS 197: 5
- FIPS 46-3: 2
- FIPS PUB 180-4: 1
- FIPS PUB 46-3: 1
- ISO:
- ISO/IEC 18031: 4
- ISO/IEC 9797-: 1
- ISO/IEC 9797-1: 3
- NIST:
- NIST SP 800-38: 1
- SP 800-108: 1
- RFC:
- SCP:
|
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
- javacard:
- javacard.framework: 3
- javacard.security: 13
- javacardx:
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- a timeout policy that prevent them from being blocked should a card fails to answer. That point is out of scope of this security target, though. Finally, the objectives O.SCP.RECOVERY and O.SCP.SUPPORT are: 1
- out of scope: 1
|
|
| pdf_data/st_metadata |
- /Augmentation: ALC_DVS.2 and AVA_VAN.5
- /Author: Giesecke & Devrient
- /Company: Giesecke & Devrient GmbH
- /CreationDate: D:20160801121713+02'00'
- /Creator: Acrobat PDFMaker 10.1 for Word
- /Keywords: Version 2.2/2016-08-01
- /ModDate: D:20160801121746+02'00'
- /Producer: Adobe PDF Library 10.0
- /SourceModified: D:20160801101640
- /State: Public
- /Styles: supported
- /Subject: SkySIM CX Virgo V1.0
- /TOE_Configuration: Basic configuration
- /TOE_HW_ST: BCM_SPS02 C0
- /TOE_Name: SkySIM CX Virgo V1.0
- /TemplVersion: 1.0
- /Title: Security Target Lite
- /conformance_claim: demonstrable
- pdf_file_size_bytes: 908468
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 101
|
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
False |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Equal |
Equal |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
False |
| state/report/download_ok |
True |
False |
| state/report/extract_ok |
True |
False |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
False |
| state/st/download_ok |
True |
False |
| state/st/extract_ok |
True |
False |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |