EAL

Question 1

What is EAL?

Answer 1

Evaluation Assurance Levels

Question 2

What are EALs defined in?

Answer 2

Common Criteria

Question 3

What is EAL 1?

Answer 3

The product is functionally tested; this is sought when some assurance in accurate operation is necessary, but the threats to security are not seen as serious.

Question 4

What is EAL 2?

Answer 4

Structurally tested; this is sought when developers or users need a low to moderate level of independently guaranteed security.

Question 5

What is EAL 3?

Answer 5

Methodically tested and checked; this is sought when there is a need for a moderate level of independently ensured security.

Question 6

What is EAL 4?

Answer 6

Methodically designed, tested, and reviewed; this is sought when developers or users require a moderate to high level of independently ensured security.

Question 7

What is EAL 5?

Answer 7

Semiformally designed and tested; this is sought when the requirement is for a high level of independently ensured security.

Question 8

What is EAL 6?

Answer 8

Semiformally verified, designed, and tested; this is sought when developing specialized TOEs for high-risk situations.

Question 9

What is EAL 7?

Answer 9

Formally verified, designed, and tested; this is sought when developing a security TOE for application in extremely high-risk situations.