Dresden, July 21, 2025 – The German Federal Office for Information Security (BSI) has granted the L4Re Secure Separation Kernel VS 1.0.0 approval for the classification level NATO SECRET.
With the approval for the NATO SECRET classification level, the L4Re Secure Separation Kernel VS 1.0.0 can now be used in security-critical applications within the NATO area. The approval paves the way for trustworthy communication and the protection of sensitive information on a multinational level. The L4Re Secure Separation Kernel VS 1.0.0 is the first and currently the only separation kernel approved for both secrecy levels VS GEHEIM and NATO SECRET.
“This approval is further proof of Kernkonzept’s expertise in the development of IT security solutions for classified information. Our European and international customers and partners can now extend the scope of their products to NATO SECRET classified information”, says Dr. Michael Hohmuth, CEO of Kernkonzept.
A separation kernel provides strict isolation between different security domains or classification levels within a computer system. The main task of the separation kernel is to ensure that the flow of information and interactions between these domains are controlled and secure. Through strong isolation mechanisms, it prevents unauthorized access, data leaks or interference between sensitive components. This is particularly important in scenarios where several levels of security or information with different levels of confidentiality are being processed on the same hardware.
The successfully completed NATO SECRET evaluation procedure of the BSI is particularly relevant for government authorities and companies in the defense and critical infrastructure sector, as accordingly classified data may only be processed with the approval for NATO SECRET.
“With the NATO SECRET approval for the L4Re Secure Separation Kernel VS 1.0.0, we offer another important building block for IT security in mission-critical environments in the NATO area,” says Dr. Adam Lackorzynski, founder and CTO of Kernkonzept GmbH. “This means that international customers with NATO-classified information now also have access to a secure operating system in the form of L4Re.”
To prevent attacks and technical malfunctions, the L4Re Secure Separation Kernel VS 1.0.0 was developed strictly according to the principle of “security by design” from the very beginning. With the very small Trusted Computing Base (TCB) and the capability-based mandatory access control (MAC), the L4Re Secure Separation Kernel VS 1.0.0 provides a high level of security which can be implemented directly.
L4Re technology has been used for many years in various IT and VS security products with NATO SECRET approval for the strict separation of sensitive information, networks or critical security functions. Since the beginning of 2024, Kernkonzept GmbH, a medium-sized, owner-managed company, has been the only provider of VS IT solutions with a GEHEIM-approved separation kernel.
-> See the list of NATO SECRET approved products on the BSI website
