昨日のGreen Hills Softwareの製品を見ていたらプロテクションプロファイルに
Separation Kernel Protection Profile (SKPP)を使用しているようだ。

Green Hills Software's INTEGRITY-178B Operating System Achieves Major Milestone in Most Stringent OS Security Evaluation
http://www.ghs.com/news/20050829_eal6_skpp.html

ここの部分↓

INTEGRITY-178B is undergoing the most stringent security evaluation undertaken by an operating system under the International Common Criteria for Information Technology Security Evaluation standard (ISO 15408). INTEGRITY-178B is being evaluated for conformance to the Separation Kernel Protection Profile (SKPP), the most demanding Protection Profile currently defined. The evaluation is being done at Evaluation Assurance Level 6 augmented (EAL6+).

INTEGRITY-178B operating system　について

About INTEGRITY-178B

The INTEGRITY-178B operating system was designed from the ground up to meet the most demanding security and safety requirements. It employs a layered, high-assurance Multiple Independent Levels of Security (MILS) architecture with a small separation kernel at its core. INTEGRITY-178B has been designed into almost every major next-generation commercial and military aircraft, including the Boeing 787, Airbus A380, Lockheed Martin F-35 Joint Strike Fighter, F/A-22 Raptor, Eurofighter Typhoon, Airbus A400M and Boeing C-17 Globemaster.

with a small separation kernel とは仮想化しているでいいのかな