Re-Certification: L4Re Secure Separation Kernel CC 1.0.2 receives Common Criteria EAL4+ under new EUCC scheme

EUCC certification: a milestone for European sovereignty

The EUCC scheme marks the transition to a Europe-wide harmonized evaluation of IT security products and lays the foundation for secure digitalization in Europe. It integrates existing national procedures based on the Common Criteria (ISO 15408) into a unified framework and is recognized throughout the European Union. This will eliminate the need for time-consuming national recognition procedures within the EU in the future.

“With this recertification, we are demonstrating that we are continuously advancing our technology,” says Dr. Michael Hohmuth, CEO and founder of Kernkonzept GmbH. “For the security-critical systems of our customers and partners, it is essential that software certifications are regularly confirmed and updated.”

Confirmation of an established security approach

The EAL4+ certificate was issued in April 2026 for the L4Re Secure Separation Kernel CC 1.0.2. It is one of the first EUCC-compliant certificates to be issued by the German Federal Office for Information Security (BSI) and listed by ENISA. The evaluation is based on the Common Criteria v3.1 (ISO/IEC 15408) as well as the specific requirements of the EU Cybersecurity Framework. In addition to analysis of the security architecture, the evaluation includes extensive testing conducted by atsec information security GmbH.

With this successful evaluation, the product also meets the requirements for listing under the EUCC scheme. This confirms that the L4Re Secure Separation Kernel CC complies with strict international security requirements and fits seamlessly into the new European legal framework.

The L4Re Secure Separation Kernel CC is based on a microkernel architecture with a minimal Trusted Computing Base. This greatly reduces the attack surface, compared to classic operating systems. At the same time, the object-capability-based access control allows for a fine-grained control of resources and communication relationships between strictly isolated applications with different security levels.

“Our architecture consistently follows the approach of reducing security-critical functions to the absolute minimum and strictly separating them from one another,” explains Dr. Hendrik Tews, Head of Certification at Kernkonzept. “The recertification of the L4Re Secure Separation Kernel CC is a sign to our customers that they can continue to rely on L4Re technology in the future, as it complies with the new EU requirements and is suitable for international use.”

More planning certainty for manufacturers of security-critical systems

For manufacturers of security-critical IT systems the recertification to CC v3.1 provides an important foundation: With the L4Re Secure Separation Kernel CC 1.0.2 they can continue to rely on an already certified separation kernel, thereby reducing their own certification efforts. This simplifies the development and certification of complex systems, particularly in regulated sectors such as critical infrastructure.

The voluntary EUCC certification of the L4Re Secure Separation Kernel CC offers clear benefits for manufacturers and users of software products:

• Thanks to the composition-based approach firmly embedded in the certification process, customers who choose the L4Re Secure Separation Kernel CC for their high-assurance product can significantly simplify their own certification process.
• Using a certified separation kernel and following the configuration guidance significantly reduces certification risk and time.
• Customers can focus on the certification process for their own products, thereby significantly shortening time-to-market.

With the successful recertification of the L4Re Secure Separation Kernel CC to CC v3.1 under the new EUCC scheme, Kernkonzept underscore their goal to maintain secure virtualization and operating system technologies at a consistently reliable and traceable security level and to provide a cornerstone of European digital sovereignty with L4Re.