June Andronick

Title of proposal

Include the state-of-the-art formal verification as compliance methods for the Operating Systems

CRA Standards

Vertical standards for security requirements


What does the work you will carry out for the CYBERSTAND SSP consist of?

Contributing to the Operating Systems vertical standard, aiming to integrate formal software verification as a practical, state-of-the-art, and increasingly adopted approach to securing critical software systems.


What is the expected result and impact of this activity?

Ensuring that formal verification is included in the CRA standardisation effort can significantly strengthen the quality, credibility, and long-term effectiveness of the resulting harmonised standards. As the state-of-the-art approach for high-assurance security-critical systems, formal verification improves predictability, reproducibility, and clarity in the conformity assessment process.


Which aspects of the Cyber Resilience Act (CRA) standardisation are you focusing on?

The Operating Systems vertical standard, and in particular its mitigations for secure design and development, the confidentiality of data stored on the product, and the integrity of data stored.

Full Name
June Andronick
Country
France
Organisation
seL4 Foundation
Standards Development Organisation
Working Groups and Technical Committees
ETSI CYBER-EUSR