An Evaluation Assurance Level (EAL) is a security rank assigned to an IT product or system after a Common Criteria (CC) security evaluation. The level indicates to what extent the product or system was tested. A product or system must meet specific assurance requirements to achieve a particular EAL. Requirements involve design documentation, analysis and functional or penetration testing. The highest numerical level provides the highest guarantee that the system's principal security features are reliably applied and tested.
EAL 4: Methodically Designed, Tested and Reviewed. Analysis is supported by the low-level design of the modules of the TOE, and a subset of the implementation. Testing is supported by an independent search for obvious vulnerabilities. Development controls are supported by a life-cycle model, identification of tools, and automated configuration management. (5)