U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

eLxr Pro  12 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
Wind Driver eLxr Pro 12.10 cpe:/o:windriver:elxr_pro:12.10 (View CVEs)

Checklist Highlights

Checklist Name:
eLxr Pro
Checklist ID:
1330
Version:
12
Type:
Compliance
Review Status:
Candidate
Authority:
Third Party: Not Available
Original Publication Date:
03/24/2026

Checklist Summary:

This checklist provides a secure baseline configuration for Wind River eLxr Pro 12, including hardening of user accounts, authentication, logging, crypto policies, network services, kernel parameters, and package management. It is intended to reduce the attack surface, align with NIST SP 80053 Rev. 5 security controls, and support use with automated SCAPcompatible tools such as OpenSCAP and EvaluateSTIG

Checklist Role:

  • Operating System

Known Issues:

Not provided.

Target Audience:

Security engineers, system administrators, and DevSecOps engineers responsible for deploying, configuring, and maintaining Wind River eLxr Pro in secure environments. Users should be familiar with Linux administration, shell, package management, and basic security concepts (accounts, permissions, logging, firewalls, SELinux/AppArmor if applicable)

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Virtual Machine using Virtual Box CPU: Intel Xeon Gold 6348 (Ice Lake)Server: Dell Server PowerEdge R750

Regulatory Compliance:

FISMA / NIST SP 80053 Rev. 5 (selected control mappings, especially AC, AU, CM, IA, SC families).NIST Cybersecurity Framework (Identify/Protect/Detect functions).FedRAMPaligned hardening for IaaS/PaaS hosts where eLxr Pro is used as the underlying OS.Support for DoD RMF and CNSSI 1253 where eLxr Pro hosts systems subject to those overlays

Comments/Warnings/Miscellaneous:

Users should test the checklist in a nonproduction environment before broad deployment.Some settings may need to be tailored for specific missions, performance requirements, or legacy applications (e.g., AI/ML workloads at the edge).Organizations should integrate this checklist into their changemanagement and configurationmanagement processes

Disclaimer:

This checklist is provided as is without warranty of any kind. Wind River Systems, Inc. does not accept liability for any loss or damage resulting from the use of this checklist. Organizations are responsible for testing and validating the checklist in their own environments and for ensuring that changes comply with applicable policies and regulations

Product Support:

Wind River will accept support calls from customers using eLxr Pro with this checklist, provided the configuration changes follow the documented procedures and are within supported use cases

Point of Contact:

[email protected]

Sponsor:

Wind River Systems, Inc.

Licensing:

The checklist content is Wind River Systems, Inc. 2026. It is provided for use by Wind River customers and partners under the terms of the applicable license agreement

Change History: 



					

						Dependency/Requirements:
					

					

						
							

								URL
								Description
							

						
						
							
						
					


					

						References:
					


					

						
							

								Reference URL
								Description
							

						
						
							
						
					


					

						NIST checklist record last modified on 03/24/2026
					

					   

							

							* This checklist is still undergoing review for inclusion into the NCP.