Date: Thu, 10 Oct 2002 18:05:34 -0400 (EDT)
From: Robert Watson <rwatson@freebsd.org>
To: "Nelson, Trent ." <tnelson@switch.com>
Cc: "'chromexa@ovis.net'" <chromexa@ovis.net>, "'hackers@freebsd.org'" <hackers@freebsd.org>
Subject: RE: FreeBSD usage in safety-critical environments
Message-ID: <Pine.NEB.3.96L.1021010180208.39392D-100000@fledge.watson.org>
In-Reply-To: <8F329FEDF58BD411BE5200508B10DA7607D71A12@exchptc1.switch.com>
On Wed, 9 Oct 2002, Nelson, Trent . wrote:

> If you're referring to security criteria (Trusted Computer
> Security Evaluation Criteria or ITSEC for Euro/UK), then no, FreeBSD
> doesn't currently provide any features for C2/F-C2+ configuration (Access
> Control Lists, auditing, accountability, etc). This is being tackled by
> TrustedBSD though, which I'm sure Robert Watson can provide some more
> information on.

We're actually close to feature completeness on the CAPP (Common Access
Protection Profile), which is logically equivalent to the old C2 TCSEC
evaluation except expressed in the parlance of the Common Criteria, for
5.0. For example, we now have support for access control lists--we also
have a number of features required for LSPP, which requires information
labeling and mandatory protections. We don't currently have an audit
implementation, but I'm working to resolve that issue as soon as possible.
The only big thing missing from the picture is actually someone who wants
to bring FreeBSD to market with an evaluation--someone who's willing to go
the distance on the evaluation process (paperwork, testing, etc). My goals
for FreeBSD 6.0 include feature completeness on CAPP (C2) and LSPP (B1).

> Although they are inter-related, the safety integrity level of
> the system is what I was really querying. That tends to bring in a
> whole host of metrics such as error and exception handling, standard
> failure modes, MTBF, etc etc.

Agreed. There are some similar notions, but they're not the same. I'm
happy to take on the security feature issue, but I'm not qualified on the
safety/reliability side. Anecdotally, FreeBSD has excellent up-time and
strong failure tolerance, but you need something more than that in a
formal sense.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Network Associates Laboratories