Curtiss-Wright Begins Common Criteria Certification Process for 2-Layer Encryption Capable Networked Data Storage System
ASHBURN, Va. – September 28, 2017 – Curtiss-Wright’s Defense Solutions division today announced that it has formally commenced the Common Criteria (ISO-15408) certification process for its Data Transport System (DTS1) Network Attached Storage (NAS) storage device. The rugged single-slot data recorder is the embedded industry’s first commercial off the shelf (COTS) data-at-rest (DAR) storage solution designed to support Commercial Solutions for Classified (CSfC) 2-Layer Encryption. CSfC 2-Layer Encryption is an NSA-approved approach for protecting classified National Security Systems (NSS) information in aerospace and defense applications that uses cost-effective commercial encryption technologies in a layered solution. In order to accelerate the protection of Top Secret data, the NSA established the CSfC program as an alternative approach to Type 1 encryption. By incorporating a 2-Layer encrypted CSfC solution, system integrators can significantly reduce the cost and time to develop and deploy secure DAR solutions. The small form-factor DTS1 is designed to store and protect large amounts of data on helicopters, Unmanned Aerial Vehicles (UAV), Unmanned Underwater Vehicles (UUV), Unmanned Ground Vehicles (UGV), and Intelligence Surveillance Reconnaissance (ISR) aircraft that require the protection of sensitive DAR.
“We are very proud to announce that we have begun the Common Criteria certification process for our DTS1 product, the industry’s first rugged network attached storage device to support 2 layers of encryption as described in NSA's Data-at-Rest Capability Package,” said Lynn Bamford, Senior Vice President and General Manager, Defense Solutions division. “Use of the DTS1, with its software and hardware encryption layers, will ease and speed the ability of system designers to protect Top Secret data with an NSA-approved cost-effective alternative to Type 1 encryption.”
To achieve NSA approval, COTS-based encryption components first require evaluation by the National Information Assurance Partnership (NIAP), the agency that oversees U.S. implementation of the Common Criteria validation of commercial IT products for use in national security systems. After beginning the Common Criteria evaluation process, the COTS component vendor can then commence the NSA’s CSfC review process in parallel. Upon successful completion of the Common Criteria evaluation, the results are then validated by NIAP and a Common Criteria certification is posted. NSA CSfC review and approval are the next steps. Then the DTS1 can be added to the NSA’s CSfC Components List and proposed in a layered CSfC solution by an integrator. Selecting a pre-approved device from the CSfC Components List enables system architects to rapidly design a COTS encryption solution and begin their system development, saving significant development cost and time, while also greatly reducing their program risk.
The NIAP evaluation is structured to meet the Common Criteria Evaluation and Validation Scheme (CCEVS) and is conducted by a commercial testing lab accredited under the National Voluntary Laboratory Accreditation Program (NVLAP). The DTS1 NAS system is being evaluated by Gossamer Laboratories’ Common Criteria Testing Laboratory, one of the nation’s leading evaluation and testing laboratories approved by the NIAP to conduct testing and evaluation for Common Criteria and other certifications critical to U.S. government customers.
About CSfC 2-Layer Encryption
Designed to support CSfC 2-Layer Encryption, the DTS1 uses two layers of commercially available Suite B cryptographic algorithms. This unique file server incorporates two distinct layers of COTS encryption into one certified device making protection of Top Secret data more cost effective. The DTS1’s two-layer data encryption process uses the NSA’s Data At Rest Capability Package as a design template and is based on the hardware and software full disk encryption (HS) solution approach. Both layers are being evaluated against two Common Criteria protection profiles – (1) collaborative Protection Profile for Full Disk Encryption – Encryption Engine and (2) collaborative Protection Profile for Full Disk Encryption – Authorization Acquisition.
About Common Criteria
Common Criteria is a technically demanding, international set of guidelines for security certification that is required by the U.S. and 27 national governments worldwide for departments and agencies seeking to procure commercial products. Common Criteria certification provides assurance that the process of specification, implementation and evaluation of technology products has been conducted in a rigorous, standard, and repeatable manner.
About the DTS1
The single-slot NAS device, which weighs less than 4.0 lb. and measures only 1.5 x 5.0 x 6.5” (38.1 x 127 x 165.1 mm), delivers up to 2 TB of solid state storage (SSD). The DTS1 supports PXE protocol so that all network clients on a vehicle or aircraft can quickly boot from the encrypted files on the DTS1’s removable memory cartridge (RMC). This approach both facilitates software updates for network clients and significantly improves SWaP by eliminating the need for individual hard disks to support each network client. Curtiss-Wright is initially offering 2-Layer Encryption support on two variants of the DTS1, the VS-DTS1SL-FD, which is designed for use with DZUS chassis, and the VSDTS1SL-F, which uses L-brackets to support flexible mounting within a space-constrained platform.
The DTS1 enables any network-enabled device to retrieve stored data or save new captured data. Networked devices using heterogeneous operating systems (Linux®, VxWorks®, Windows®, etc.) that support industry standard protocols (i.e, NFS, CIFS, FTP, or HTTP) can store data on the DTS1. The DTS1 also supports iSCSI protocol for block data storage and PCAP protocol for packet capture. The DTS1 is ideal for rugged applications that require the storage, removal, and transport of critical data such as cockpit data (mission, map, maintenance), ISR (camera, I&Q, sensors), mobile applications (ground radar, ground mobile, airborne ISR pods), heavy industrial (steel, refinery), and video/audio data collection (flight test instrumentation).
For more information about Curtiss-Wright’s Defense Solutions division, please visit www.curtisswrightds.com.
About Curtiss-Wright Corporation
Curtiss-Wright Corporation is a global innovative company that delivers highly engineered, critical function products and services to the commercial, industrial, defense and energy markets. Building on the heritage of Glenn Curtiss and the Wright brothers, Curtiss-Wright has a long tradition of providing reliable solutions through trusted customer relationships. The company employs approximately 8,000 people worldwide. For more information, visit www.curtisswright.com.
###
Note: Trademarks are property of their respective owners.