The EAL for Common Criteria are described briefly as:
EAL1: Functionally Tested. ...
EAL2: Structurally Tested. ...
EAL3: Methodically Tested and Checked. ...
EAL4: Methodically Designed, Tested, and Reviewed. ...
EAL5: Semi-Formally Designed and Tested. ...
EAL6: Semi-Formally Verified Design and Tested. ...
EAL7: Formally Verified Design and Tested.
Does "Formally Verified Design" refer to the source code undergoing static code analysis? Thus meaning that the source code would have to be disclosed to gain EAL > 4?