ProvenRun Certifications and High‑Assurance Evaluations
ProvenRun has built a strong reputation for delivering operating systems and security components that meet the highest international assurance standards. Our technologies have undergone multiple independent evaluations across several hardware architectures, consistently demonstrating the maturity and verifiable strength of our secure‑by‑design approach.
2019
Common Criteria EAL7 Certification
In 2019, ProvenCore running on an Arm‑based platform achieved Common Criteria EAL7, one of the highest assurance levels in the CC framework. Reaching EAL7 requires formal verification to ensure the absence of design flaws, and ProvenCore became the first operating system of its kind to reach this level.
2019
Common Criteria EAL7 Certification
In 2019, ProvenCore running on an Arm‑based platform achieved Common Criteria EAL7, one of the highest assurance levels in the CC framework. Reaching EAL7 requires formal verification to ensure the absence of design flaws, and ProvenCore became the first operating system of its kind to reach this level.
2022
SESIP Level 3 for ProvenCore‑M
ProvenCore‑M earned SESIP Level 3 certification in 2022. SESIP is tailored for connected devices, and Level 3 focuses on defenses against attackers with moderate capabilities. This recognition highlights ProvenCore‑M's robust architecture for embedded and IoT‑focused environments.
2022
SESIP Level 3 for ProvenCore‑M
ProvenCore‑M earned SESIP Level 3 certification in 2022. SESIP is tailored for connected devices, and Level 3 focuses on defenses against attackers with moderate capabilities. This recognition highlights ProvenCore‑M's robust architecture for embedded and IoT‑focused environments.
2022
Common Criteria EAL5+ Evaluation on RISC‑V
Later in 2022, ProvenCore‑M completed an EAL5+ evaluation on a RISC‑V platform. Although a formal certificate was not requested from ANSSI, the successful evaluation demonstrated ProvenCore‑M's portability and resilience across different processor architectures.
2022
Common Criteria EAL5+ Evaluation on RISC‑V
Later in 2022, ProvenCore‑M completed an EAL5+ evaluation on a RISC‑V platform. Although a formal certificate was not requested from ANSSI, the successful evaluation demonstrated ProvenCore‑M's portability and resilience across different processor architectures.
2023
PSA Certified Level 3 & SESIP Level 3 with STMicroelectronics
In 2023, ProvenCore‑M was integrated into an STMicroelectronics platform—under the name Secure Manager—that achieved both PSA Certified Level 3 and SESIP Level 3. These certifications validated the strength of the entire hardware/software stack against attackers with advanced capabilities, including those with physical access.
2023
PSA Certified Level 3 & SESIP Level 3 with STMicroelectronics
In 2023, ProvenCore‑M was integrated into an STMicroelectronics platform—under the name Secure Manager—that achieved both PSA Certified Level 3 and SESIP Level 3. These certifications validated the strength of the entire hardware/software stack against attackers with advanced capabilities, including those with physical access.
Pending
FIPS 140-3 Level 3 & Common Criteria EAL5+
ProvenRun is pursuing high-assurance certification for its secure platforms through FIPS 140-3 Level3 and Common Criteria EAL5+ evaluations. This includes ProvenCore running on ProvenBox hardware, as well as ProvenHSM targeting Common Criteria EAL5+ with AVA_VAN.5. The target of evaluation (TOE) includes the addition of applications, and will allow independnent software vendors (ISV) to use compositionality within their own security certification evaluations. These certification efforts reflect ProvenRun’s focus on formally proven security, strong cryptographic protection, and trusted execution for critical systems.
Pending
FIPS 140-3 Level 3 & Common Criteria EAL5+
ProvenRun is pursuing high-assurance certification for its secure platforms through FIPS 140-3 Level3 and Common Criteria EAL5+ evaluations. This includes ProvenCore running on ProvenBox hardware, as well as ProvenHSM targeting Common Criteria EAL5+ with AVA_VAN.5. The target of evaluation (TOE) includes the addition of applications, and will allow independnent software vendors (ISV) to use compositionality within their own security certification evaluations. These certification efforts reflect ProvenRun’s focus on formally proven security, strong cryptographic protection, and trusted execution for critical systems.
FEATURES
A proven commitment to high‑assurance security
Across architectures (Arm and RISC‑V), evaluation schemes (Common Criteria, SESIP, PSA Certified), and industry partners, ProvenRun consistently demonstrates that high‑assurance, formally‑verified security can scale to real‑world products. These certifications reflect our ongoing commitment to delivering operating systems that meet the needs of regulated industries, safety‑critical infrastructures, and next‑generation IoT platforms.