
| Assurance class | Assurance components |
|---|---|
| Configuration management | ACM_AUT.2 Complete CM automation |
| | ACM_CAP.5 Advanced support |
| | ACM_SCP.3 Development tools CM coverage |
| Delivery and operation | ADO_DEL.2 Detection of modification |
| | ADO_IGS.1 Installation, generation, and start-up procedures |
| Development | ADV_FSP.3 Semiformal functional specification |
| | ADV_HLD.4 Semiformal high-level explanation |
| | ADV_IMP.3 Structured implementation of the TSF |
| | ADV_INT.2 Reduction of complexity |
| | ADV_LLD.2 Semiformal low-level design |
| | ADV_RCR.2 Semiformal correspondence demonstration |
| | ADV_SPM.3 Formal TOE security policy model |
| Guidance documents | AGD_ADM.1 Administrator guidance |
| | AGD_USR.1 User guidance |
| Life cycle support | ALC_DVS.2 Sufficiency of security measures |
| | ALC_LCD.2 Standardised life-cycle model |
| | ALC_TAT.3 Compliance with implementation standards - all parts |
| Tests | ATE_COV.3 Rigorous analysis of coverage |
| | ATE_DPT.2 Testing: low-level design |
| | ATE_FUN.2 Ordered functional testing |
| | ATE_IND.2 Independent testing - sample |
| Vulnerability assessment | AVA_CCA.2 Systematic covert channel analysis |
| | AVA_MSU.3 Analysis and testing for insecure states |
| | AVA_SOF.1 Strength of TOE security function evaluation |
| | AVA_VLA.4 Highly resistant |


Objectives

EAL7 is applicable to the development of security TOEs for application in extremely high risk situations and/or where the high value of the assets justifies the higher costs. Practical application of EAL7 is currently limited to TOEs with tightly focused security functionality that is amenable to extensive formal analysis.

Assurance components

EAL7 (see Table 6.8) provides assurance by an analysis of the security functions, using a functional and complete interface specification, guidance documentation, the high-level and low-level design of the TOE, and a structured presentation of the implementation, to understand the security behaviour. Assurance is additionally gained through a formal model of the TOE security policy, a formal presentation of the functional specification and high-level design, a semiformal presentation of the low-level design, and formal and semiformal demonstration of correspondence between them, as appropriate. A modular, layered and simple TOE design is also required.

The analysis is supported by independent testing of the TOE security functions, evidence of developer testing based on the functional specification, high-level design, low-level design and implementation representation, complete independent confirmation of the developer test results, strength of function analysis, evidence of a developer search for vulnerabilities, and an independent vulnerability analysis demonstrating resistance to penetration attackers with a high attack potential. The analysis also includes validation of the developer's systematic covert channel analysis.

EAL7 also provides assurance through the use of a structured development process, development environment controls, and comprehensive TOE configuration management including complete automation, and evidence of secure delivery procedures.

This EAL represents a meaningful increase in assurance from EAL6 by requiring more comprehensive analysis using formal representations and formal correspondence, and comprehensive testing.


| Assurance class | Assurance components |
|---|---|
| Configuration management | ACM_AUT.2 Complete CM automation |
| | ACM_CAP.5 Advanced support |
| | ACM_SCP.3 Development tools CM coverage |
| Delivery and operation | ADO_DEL.3 Prevention of modification |
| | ADO_IGS.1 Installation, generation, and start-up procedures |
| Development | ADV_FSP.4 Formal functional specification |
| | ADV_HLD.5 Formal high-level design |
| | ADV_IMP.3 Structured implementation of the TSF |
| | ADV_INT.3 Minimisation of complexity |
| | ADV_LLD.2 Semiformal low-level design |
| | ADV_RCR.3 Formal correspondence demonstration |
| | ADV_SPM.3 Formal TOE security policy model |
| Guidance documents | AGD_ADM.1 Administrator guidance |
| | AGD_USR.1 User guidance |
| Life cycle support | ALC_DVS.2 Sufficiency of security measures |
| | ALC_LCD.3 Measurable life-cycle model |
| | ALC_TAT.3 Compliance with implementation standards - all parts |
| Tests | ATE_COV.3 Rigorous analysis of coverage |
| | ATE_DPT.3 Testing: implementation representation |
| | ATE_FUN.2 Ordered functional testing |
| | ATE_IND.3 Independent testing - complete |
| Vulnerability assessment | AVA_CCA.2 Systematic covert channel analysis |
| | AVA_MSU.3 Analysis and testing for insecure states |
| | AVA_SOF.1 Strength of TOE security function evaluation |
| | AVA_VLA.4 Highly resistant |


