MCS Small Machine Operating System - Common Criteria (SMOSCC)

EAL4 augmented with ALC_DVS.2 and ALC_FLR.1
Security Target (ST)
Certification Report (CR)
MCS Small Machine Operating System - Common Criteria (SMOSCC)
Multi-application smart card integrated circuit (IC) operating system

MCS Microsystems Sdn Bhd


HW Chew

4th Floor, IRIS Smart Technology Complex,
Technology Park Malaysia, Bukit Jalil,

57000 Kuala Lumpur

Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Phone: +603 8996 9168
Fax: +603 8996 3168

Small Machine Operating System – Common Criteria or SMOSCC version 1.0.0 is a multi-application smart card integrated circuit (IC) operating system purpose-designed for national ID applications which also serves as an ideal platform for national e-passport. SMOSCC from MCS Microsystem Sdn Bhd is the Target of Evaluation (TOE) for Evaluation Assurance Level (EAL) 4 augmented with ALC_DVS.2 and ALC_FLR.1 evaluation.

SMOSCC simultaneously supports multiple custom applets with custom instruction sets and data structures from several agencies on a single smart card, limited only by the IC specification. Consider a national ID card with a host of other functions like driving license, PKI token, e-purse, and frequent traveller which will simplify the cardholder’s dealings with various private and public agencies.

The TOE includes an instruction agnostic virtual machine environment capable of providing a portable interface for smart card applications. It also provides several libraries providing hardware IC services such as cryptography to third party applications. The TOE implements the following components that reside upon hardware platform IC as mention below:

  • Small Machine - To implement a virtual machine to run loaded application and runtime API.
  • Early Lifecycle Manager - Used during the first phases of the TOEs lifecycle in order to commence the setup of the TOE.
  • SMOS Card Manager - Used once the TOE is an initialised state and manages the installation and removal of loaded applications and the SMOS card lifecycle.
  • Hardware Abstraction Layer - To provide access to low level IC routines.

The security function within the scope of TOE includes:

  • Application Firewall - To prevent applications from interfering with the execution and private data of other loaded applications and the operation of the TOE itself.
  • Application and Platform Management - To provide functionality for managing the secure installation/removal of loaded applications and enforcing its lifecycle.
  • Cryptographic Management - To utilise cryptographic mechanism in order to enforce the remaining TOE security functions.
  • TOE Self Protection and Testing - To provide a secure environment on which to host loaded applications. The TOE protects itself from physical tampering attacks and hardware failures by working in conjunction with its underlying hardware platform.

The TOE runs on a Common Criteria certified smart card IC hardware platform specified in Section 1.4 of the Security Target (Ref [6]). However, the underlying IC hardware platform, card acceptance devices and loaded applications (applets) are not part of the TOE. It communicates with card acceptance devices which exist within the environment, and supports ISO/IEC 7816 contact based, and ISO/IEC 14443 contactless based card acceptance devices.