Green Hills Software Rebuts Misinformation Propagated by Wind River

  SANTA BARBARA, CA, Nov 02 (MARKET WIRE) -- 
Green Hills Software, Inc., the world leader in secure operating systems
and the largest independent vendor of embedded software solutions, today
responded to false and misleading statements made by Marc Brown, vice
president, VxWorks Product Strategy and Marketing for Wind River. He is
quoted by Military Embedded Systems at
http://www.mil-embedded.com/articles/id/?4281 as saying that Green Hills
Software's INTEGRITY(R)-178B real-time operating system is not certified
under EAL6+. In response to a question about the INTEGRITY-178B operating
system, he replied:

    "[Green Hills Software] only certified under "high robustness"; they did
not certify under EAL6+, as they did not actually add in the necessary
requirements to comply with EAL6."

    This statement is false. The INTEGRITY-178B operating system is certified
to EAL6+ (and High Robustness). It is printed directly on the certificate
found on the NIAP web site
(http://www.niap-ccevs.org/st/st_vid10119-ci.pdf) and signed by Directors
of NIAP and the NSA. The certificate says "Assurance Level: EAL6+, High
Robustness" just above the "Original Signed By" in the lower left
signature block.

    Built from the Ground Up for High Robustness

    Mr. Brown goes on to say: "We've really tried to take a different approach
from some other companies...We're not tweaking or trying to force any new
requirements into an existing product." Of course, "some other companies"
and "an existing product" are indirect references to Green Hills Software
and INTEGRITY-178B.

    Let's set the record straight: the INTEGRITY operating system was
originally designed and developed for the purpose of formal security
evaluation with a deep understanding of the mathematical basis of
operating system security. The first deployment of the INTEGRITY
operating system was for a nuclear weapons delivery system: the B1-B
intercontinental nuclear bomber flight systems, navigation systems, and
weapons systems. Other early deployments of the INTEGRITY operating
system were for equally security critical systems: the B-52 and F-16
aircraft. Today, the INTEGRITY-178B operating system is being designed or
has been deployed into almost every major next-generation commercial and
military aircraft, including Boeing's new 787 Dreamliner, Airbus' new
A380 and A350 Airliners, Lockheed Martin's F-35 Lightning II Joint Strike
Fighter, F-22 Raptor, C-130J Super Hercules, and the VH-71 Marine One
helicopter, Airbus' new A400M military transport, Northrop Grumman's B-2
Spirit Stealth Bomber, Boeing's C-17 Globemaster III military transport,
Sikorsky's S-92 helicopter, Airbus' A320, A330 and A340 Airliners and
Boeing's 737, 747, 757, 767 Airliners.

    Mr. Brown went on to say, "One of the reasons Green Hills is not listed on
the NIAP's website under systems evaluated to EAL6+ is that there are
certain requirements that have to be satisfied in addition to developing
in compliance to the SKPP." We list the INTEGRITY-178B operating system
under High Robustness on the NIAP website rather than EAL6+ because an
expert in the field (which excludes Wind River Marketing) understands
that a High Robustness certification is significantly harder than an
EAL6+ or EAL7 evaluation because the U.S. government added 133 explicit
requirements over and above 154 EAL7 requirements (including formal
methods and NSA penetration testing) from the Common Criteria menu, in
order to meet High Robustness: protection of the most valuable resources
against the most sophisticated attackers.

    On the other hand, to the best of our knowledge, VxWorks MILS 2.0 has
never been deployed in anything or certified for anything. Until Wind
River has achieved an EAL6+ or High Robustness certification, Wind River's
pronouncements on security should be given no more weight than medical
advice from a medical student.

    Wind River Marketing: A Pattern of Certification Promises Broken

    Wind River's attacks on the INTEGRITY-178B operating system are an attempt
to deflect attention from Wind River's failure to keep repeated promises
to deliver a separation kernel certified to EAL7, EAL6+ or High
Robustness for security or certified to DO-178B Level A for safety. Their
repeated claims of imminent certification are interspersed with repeated
product failures and cancellations:


--  2001: announces VxWorks AE separation kernel, then withdrawn from the
    market as general product and renamed to AE653 for flight safety market
--  2002: promises EAL7 certification for VxWorks AE653
--  2002: promises DO-178B Level A certification for VxWorks AE653
--  2004: again announces it will meet EAL7 certification for VxWorks
    AE653
--  2004: promises POSIX Profile 54 conformance certification
--  2006: cancels EAL7 with VxWorks AE653, promises EAL7 for VxWorks MILS
--  2008: cancels EAL7 with VxWorks MILS, promises EAL7 for VxWorks MILS
    2.0
    

    
Nearing 2010, Wind River has failed to deliver on any of its
certification promises for a separation kernel: DO-178B Level A, High
Robustness, EAL6+, EAL7, or POSIX Profile 54. When Wind River says
"certifiable" they mean "not certified" and it may not ever be certified.

    Green Hills Engineering: A Pattern of Certification Promises Fulfilled

    In contrast, here is a timeline of Green Hills Software's separation
kernel promises and deliveries:


--  1997: releases INTEGRITY RTOS, first customer: Boeing B-1B
--  1999: promises DO-178B Level A certification
--  2002: delivers first of many DO-178B Level A customer certifications
--  2004: promises POSIX.1 conformance certification
--  2004: delivers POSIX.1 conformance certification
--  2005: promises EAL6+ certification
--  2008: delivers first ever NSA and NIAP certified EAL6+ certification
--  July 2009 -- delivers 2nd EAL6+ certification to a PowerPC 7448
    customer
--  Sept 2009 -- delivers 3rd EAL6+ certification to a PowerPC 8548
    customer
--  Oct 2009 -- delivers 4th, 5th and 6th EAL6+ certifications to PowerPC
    8245, 7410 and 7447A customers
    

    
INTEGRITY is a single technology, designed from the ground up to meet
the highest levels of both safety and security, surrounded by
world-leading development tools, an enormous ecosystem of device drivers
and middleware, conformance to open standards, ability to run virtualized
guest operating systems for maximum portability and reuse, more than a
decade of customer success, and backed by a trustworthy, successful,
independent vendor.

    "It is unfortunate that the acquisition of Wind River by Intel, a
respected multinational corporation, has not curbed Wind River's decade
long pattern of irresponsible certification claims," commented Dan
O'Dowd, chief executive officer and founder of Green Hills Software. "We
had been hearing this misinformation about the INTEGRITY-178B operating
system through the grapevine. Now, I think, we know where it is coming
from. I demand an immediate retraction and apology from Wind River, and a
promise to suppress the propagation of this misinformation by the Wind
River organization."

    About Green Hills Software

    Founded in 1982, Green Hills Software, Inc. is the largest independent
vendor of embedded development solutions. In 2008, the Green Hills
INTEGRITY-178B RTOS was the first and only operating system to be
certified by the NSA to EAL6+ High Robustness, the highest level of
security ever achieved for any software product. Our open architecture
integrated development solutions address deeply embedded, absolute
security and high-reliability applications for the military/avionics,
medical, industrial, automotive, networking, consumer and other markets
that demand industry-certified solutions. Green Hills Software is
headquartered in Santa Barbara, CA, with European headquarters in the
United Kingdom. Visit Green Hills Software at www.ghs.com.

    Green Hills, the Green Hills logo and INTEGRITY are trademarks or
registered trademarks of Green Hills Software, Inc. in the U.S. and/or
internationally. Intel is a trademark or registered trademark of Intel
Corporation in the United States and other countries. All other trademarks
are the property of their respective owners.

    Image Available: http://www2.marketwire.com/mw/frame_mw?attachid=1103128


Contact:
Green Hills Software, Inc.
Barbel French
805-965-6044
bfrench@ghs.com

Copyright 2009, Market Wire, All rights reserved.

-0-