MILS API WG – Rance DeLong, LynuxWorks (et al)
Rance De Long, LynuxWorks, provided an overview and facilitated an interactive discussion on a web conference to progress the MILS API work throughout Wednesday morning.
The MILS offering is that the promise of MILS, and its ultimate commercial success, is contingent upon the ability of developers to cost-effectively produce high-assurance MILS components (MILS middleware). To that end, the RT&ES Forum of The Open Group has initiated a MILS API Working Group to develop a standard for an application programming interface (API) for the development of high-assurance MILS middleware and applications.
The MILS API Working Group meets periodically throughout the year via teleconferences and web conferences. Their main priority is to evolve the MILS API Specification through consensus within the working group – and to submit it to The Open Group Review and Approval Process.
To participate in the MILS API Working Group and help in the development of the standard, please contact Joe Bergmann at firstname.lastname@example.org.
Assurance Case Templates – John Goodenough, CMU SEI 2
John Goodenough presented the Strategy for Reducing Effort and Increasing Confidence in Assurance Cases. He described the idea of domain-specific assurance templates and their advantages, discussing new and evolving ideas on what “confidence” might mean and how to develop confidence in an argument and how you could combine security assurance templates with associated arguments for justifying confidence.
The RT&ES Forum will explore the possibility of starting a new work group devoted to the creation of an Assurance Case template.
Update/Discussion on New NIAP Policy – Rance DeLong, LynuxWorks (et al)
Rance provided a presentation on the US Evaluation Policy, covering the following subjects:
- NIAP’s announcement of the sunset of the SKPP
- NIAP’s declared focus going forward
- Developments in the Common Criteria community
He facilitated the group discussion around these topics.