
evaluation assurance level

Senses

(N)

A predefined package of assurance components that represents a point on the Common Criteria's scale for rating confidence in the security of information technology products and systems.

Tutorial: The Common Criteria defines a scale of seven, hierarchically ordered EALs for rating a TOE. From highest to lowest, they are as follows:

  • EAL7. Formally verified design and tested.
  • EAL6. Semiformally verified design and tested.
  • EAL5. Semiformally designed and tested.
  • EAL4. Methodically designed, tested, and reviewed.
  • EAL3. Methodically tested and checked.
  • EAL2. Structurally tested.
  • EAL1. Functionally tested.

An EAL is a consistent, baseline set of requirements. The increase in assurance from one EAL to the next is accomplished by substituting higher assurance components (i.e., criteria of increasing rigor, scope, or depth) drawn from seven assurance classes: (a) configuration management, (b) delivery and operation, (c) development, (d) guidance documents, (e) lifecycle support, (f) tests, and (g) vulnerability assessment.

The EALs were developed with the goal of preserving concepts of assurance that were adopted from earlier criteria, so that results of previous evaluations would remain relevant. For example, EAL levels 2-7 are generally equivalent to the assurance portions of the TCSEC C2-A1 scale. However, this equivalency should be used with caution: the levels do not derive assurance in the same manner, and exact mappings do not exist.

References
  • IETF RFC 4949 (Internet Security Glossary), Jan 06, 2026
    RFC 4949 — Internet Security Glossary (Version 2)
    https://www.rfc-editor.org/rfc/rfc4949.txt
    RFC 4949 is published by the IETF Trust and marked "Distribution of this memo is unlimited". Verify IETF Trust copyright/licensing terms before reuse.
    Source: IETF RFC 4949 (rfc-editor.org).