L4Re Separation Kernel GEHEIM Approval

“German GEHEIM” approval by BSI for Kernkonzept’s L4Re Secure Separation Kernel

The L4Re Secure Separation Kernel has been approved by the German Federal Office for Information Security (BSI) for processing classified information up to level GEHEIM (secret). With the first operating system solution of its kind, Kernkonzept GmbH offers an important pillar for IT security and digital sovereignty in Germany.

The completion of the evaluation process confirms the reliability, security and quality of the L4Re technology, which is already used in many IT and VS security products for the secure separation of sensitive information, networks or critical security functions. As a medium-sized, owner-managed company, Kernkonzept is currently the only manufacturer of VS IT solutions with a separation kernel approved at this level.

“With the approval of the L4Re Secure Separation Kernel, we are starting a new era for our customers by taking responsibility for the approval process and the associated requirements. As a particularly security-critical component in IT products, the operating system no longer has to be evaluated by our customers. This offers immense efficiency benefits – for manufacturers of VS IT products as well as for our country”, says Dr. Michael Hohmuth, CEO of Kernkonzept GmbH.

With the L4Re Secure Separation Kernel, manufacturers of VS products are now able to use a separation kernel that has already been approved for GEHEIM, thus steering their products through the approval process more quickly. Up until now, there was no other approved separation kernel, which is why manufacturers had to fully evaluate every operating system solution used in VS products.

The availability of the GEHEIM-approved L4Re Secure Separation Kernel means calculable costs and defined quality for manufacturers, users and evaluators.

The entire L4Re technology was developed strictly according to the principle of “security by design”, so attacks and technical malfunctions can be ruled out from the outset. The basis for this is the very small Trusted Computing Base of the L4Re Secure Separation Kernel, with only around 30,000 lines of code and a capability-based mandatory access control (MAC). These two features form the basis for zero-trust security architectures that can be implemented directly with the L4Re Secure Separation Kernel.

A separation kernel provides strict isolation between different security domains or classification levels within a computer system. Its main task is to ensure that the flow of information and interactions between these domains are controlled and secure. By implementing strong isolation mechanisms, a separation kernel helps to prevent unauthorized access, data leakage or interference between sensitive components. This is particularly important in scenarios where different levels of security or confidential information are present in the same computing environment at the same time.

Dr. Adam Lackorzynski, CTO and founder of Kernkonzept GmbH, is very glad about the approval of the L4Re Secure Separation Kernel VS by the BSI: “This also shows that the strict orientation at the security by design paradigm was the right path – it led from the open-source-solution L4Re in the 2000s to the professional IT security operating system solution from the trusted company Kernkonzept.”

An approval issued by the BSI complies with the legal requirement to test IT security products and make a binding statement on the strength of the implemented security functions. In particular, IT security products that are used for the processing, transmission and storage of officially classified information (classified information, VS) in the area of the federal and state governments or at companies within the scope of federal or state government contracts require such an evaluation and assessment in accordance with the specifications of the classified information directive (VSA).

The BSI confirms the appropriateness of the IT security functions through an approval that specifies the maximum classification level of the classified information protected by the product. The L4Re Secure Separation Kernel was approved on the basis of the VS requirements profile “Separation Kernel” for the protection of data classified as GEHEIM.

Since October 2021, the intensive evaluation process for the L4Re Secure Separation Kernel has been running in close consultation with the independent and BSI-accredited test centers atsec information security GmbH and SRC Security Research & Consulting GmbH, as well as the BSI. The evidence provided by Kernkonzept relates not only to the secure and well-defined implementation of the product and the comprehensive, structured and comprehensible product documentation. It also covers the entire organizational structure, including the company processes relevant to secure development, production and product maintenance.

“With the processes that we established during the accreditation project we have made the L4Re technology even more secure”, says Dr. Hendrik Tews, Head of Certification, Accreditation, and Formal Methods at Kernkonzept. “Providing the necessary evidence for approval is a major achievement. The high programming standards that have been in place since the early years as an open source project at the Technical University of Dresden and Kernkonzept’s consistent focus on complete automation in testing and further quality control have paid off in this project and contributed significantly to Kernkonzept being able to master the approval of L4Re.”

Kernkonzept is a specialist in secure and safe virtualization and operating-system technology. Our customers develop complex software products for safety-, security-, and mission-critical applications that often require certification or accreditation.

Built on our open-source L4Re technology – a scalable, microkernel-based operating system and hypervisor platform – we deliver system solutions with a minimal attack surface, real-time capabilities, and robust virtualization support, up to our product L4Re Secure Separation Kernel VS 1.0.0 that is accredited up to GERMAN GEHEIM and NATO SECRET, as well as the L4Re Secure Separation Kernel CC 1.0.1 that is certified with the Common Criteria EAL 4+ standard.

By leveraging our certified and field-proven technology, our customers can significantly reduce the time, cost, and risk involved in certifying their own products – accelerating their path to market. Our deeply experienced operating system engineers tailor these solutions to meet the demands of safety-critical markets like automotive, as well as high-assurance security, cloud servers, and embedded systems. We are dedicated to supporting our customers with comprehensive, customized architectural consulting and engineering services to drive their success. Kernkonzept GmbH is based in Dresden, Germany.