NIAP: Compliant Product
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - CNS4 Hardware Encryption Layer vA1

CC Certificate [PDF] Security Target [PDF] * Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]

* This is the Security Target (ST) associated with the latest Maintenance Release.  To view previous STs for this TOE, click here.

Product Description

The Curtiss-Wright Defense Solutions Compact Network Storage 4-Slot Hardware Encryption Layer (hereafter referred to as the TOE) is a rugged Network Attached Storage (NAS) file server for use in Unmanned Aerial Vehicles (UAV), Unmanned Underwater Vehicles (UUV), and Intelligence Surveillance Reconnaissance (ISR) aircraft. Easily integrated into network centric systems, the is an easy to use, turnkey, rugged network File Server that houses four Flash Storage Modules (FSMs) that provides quick off load of data. The FSMs can be easily removed from the CNS4 and installed into any other providing full, seamless data transfer between one or more networks in separate locations (e.g. ground => vehicle => ground).

Evaluated Configuration

Security Evaluation Summary

The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance. The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 5, April 2017. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 5, April 2017. The product, when delivered and configured as identified in the Curtiss-Wright CNS4 CSfC Common Airborne Recorder CSfC Encrypted Data StorageUser Guide, DDOC0108-000-A2 document, satisfies all of the security functional requirements stated in the Curtiss-Wright Defense Solutions Compact Network Storage 4-Slot Hardware Encryption Layer (FDEEEcPP20E/FDEAAcPP20E) Security Target, Version 0.4, March 26, 2019. The project underwent CCEVS Validator review. The evaluation was completed in April 2019. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.

Environmental Strengths

The logical boundaries of the TOE are realized in the security functions that it implements. Each of these security functions is summarized below.

Cryptographic support:

The TOE includes cryptographic functionality for key management, user authentication, and block-based encryption including: symmetric key generation, encryption/decryption, cryptographic hashing, keyed-hash message authentication, and password-based key derivation. These functions are supported with suitable random bit generation, key derivation, salt generation, initialization vector generation, secure key storage, and key destruction. These primitive cryptographic functions are used to encrypt Data-At-Rest (including the generation and protection of keys and key encryption keys) used by the TOE.

User data protection:

The TOE is designed to perform Full Drive Encryption on the entire drive (so that no plaintext exists) and does so without user intervention.

Security management:

The TOE provides each of the required management services necessary to manage the full drive encryption using a command line interface.

Protection of the TSF

The TOE implements a number of features designed to protect itself to ensure the reliability and integrity of its security features. It protects key and key material, and includes functions to perform self-tests and firmware integrity checking so that it might detect when it is failing or may be corrupt. If any of the self-tests fails, the TOE will not go into an operational mode.

Vendor Information

Curtiss-Wright Defense Solutions
Robin Lamb
Site Map              Contact Us              Home