Security requirements, traditionally relegated to military aircraft and weapons, are now being promulgated into everyday embedded systems such as automobiles, medical systems, radios, and household appliances. The embedded operating system must satisfy specific assurance and functionality requirements in order to help achieve the highest levels of security. This paper provides an overview of the modern security evaluation methodology, Common Criteria, and shows how secure operating systems can thwart would-be hackers and limit damage when a system in penetrated.