Dresden, May 14, 2025 – The operating system L4Re Secure Separation Kernel CC 1.0.1 by Dresden’s software specialist Kernkonzept GmbH has received the demanding Common Criteria (CC) certification according to Evaluation Assurance Level 4+ (EAL 4+) by the Bundesamt für Sicherheit in der Informationstechnik (BSI). This underlines Kernkonzept’s consistent commitment to the highest IT security standards.
The EAL4+ certification in accordance with the globally recognized Common Criteria standard (ISO/IEC 15408) is confirmation that the L4Re technology meets the strictest international safety and reliability requirements.
“With the Common Criteria certification for the L4Re Secure Separation Kernel CC 1.0.1, we are relieving our customers of the time-consuming evaluation of their operating system as a security-critical component. This innovation brings considerable efficiency benefits for international manufacturers of security-critical IT products,” says Dr. Michael Hohmuth, CEO of Kernkonzept GmbH. “I am proud of our successful approval, which heralds a turning point.”
The certification confirms a comprehensive security analysis, including source code checks, penetration tests and strict development guidelines, as well as systematic elimination of defects in lifecycle support. Kernkonzept has worked hard for several years with the independent, BSI-accredited testing laboratory atsec information security GmbH and the German Federal Office for Information Security to meet these strict requirements. The Common Criteria Standard EAL 4 (+ ALC_FLR.3) corresponds to the test depth for the approval for GEHEIM/NATO SECRET.
With Common Criteria certification, manufacturers can calculate better and rely on defined quality standards. From now on, they can use a separation kernel already certified to EAL 4+ instead of having to fully certify the operating system solutions they use. This allows them to bring new IT products through the certification process more quickly and release them with less certification risk and improved time-to-market.
“The EAL4+ certification of our L4Re Secure Separation Kernel CC 1.0.1 underlines our strict focus on the paradigm of security by design,” says Dr. Adam Lackorzynski, CTO and founder of Kernkonzept GmbH. “We have developed L4Re from an open-source solution in the 2000s to a professional IT security operating system, and we are signaling to our customers and partners our ongoing commitment to their security with the EAL 4+ certification.”
The main task of a separation kernel is to control and secure the flow of information and interactions between different security domains or classification levels within a computer system. It uses strong isolation mechanisms to prevent unauthorized access, data leaks or interference between sensitive components. This is particularly important in scenarios with several security levels or information with different levels of confidentiality in the same computer environment.
The L4Re Secure Separation Kernel CC 1.0.1 was developed according to the strictest security principles. Its Trusted Computing Base (TBC) contains only 30,000 lines of code, compared to the million lines of code in the TCBs of common operating systems. With capability-based Mandatory Access Control (MAC), the L4Re technology is perfectly tailored to Zero Trust architecture.
The strong separation of system components is particularly relevant for security-critical applications in government, defense and industrial environments. In Germany, only a few software products have achieved the high EAL 4+ certification level to date. The L4Re Secure Separation Kernel has been used for several years in Germany, the EU and NATO up to GEHEIM/SECRET in software products from infodas, Airbus and genua.
The Certification Report BSI-DSZ-CC-1177-2025 is available from Kernkonzept.
