Раздел: Документация
0 ... 34 35 36 37 38 39 40 ... 73 In the context of the level of formality of the high-level design, informal, semiformal and formal are considered to be hierarchical in nature. Thus, ADVHLD. 1.1C and ADVHLD.2.1С may also be met with either a semiformal or formal high-level design, and ADVHLD.3.1C and ADVHLD.4.1C may also be met with a formal high-level design. ADV HLD.1 Descriptive high-level design Dependencies: ADVFSP.1 Informal functional specification ADVRCR.1 Informal correspondence demonstration Developer action elements: adv hld.1.1d The developer shall provide the high-level design of the TSF. Content and presentation of evidence elements: adv hld.1.1c The presentation of the high-level design shall be informal. The high-level design shall be internally consistent. advhld.1.2c advhld.1.3c advhld.1.4c advhld.1.5c advhld.1.6c advhld.1.7c The high-level design shall describe the structure of the TSF in terms of subsystems. The high-level design shall describe the security functionality provided by each subsystem of the TSF. The high-level design shall identify any underlying hardware, firmware, and/ or software required by the TSF with a presentation of the functions provided by the supporting protection mechanisms implemented in that hardware, firmware, or software. The high-level design shall identify all interfaces to the subsystems of the TSF. The high-level design shall identify which of the interfaces to the subsystems of the TSF are externally visible. Evaluator action elements: adv hld.1.1e The evaluator shall confirm that the information provided meets all requirements for content and presentation of evidence. adv hld.1.2e The evaluator shall determine that the high-level design is an accurate and complete instantiation of the TOE security functional requirements. ADV HLD.2 Security enforcing high-level design Dependencies: ADVFSP. 1 Informal functional specification ADVRCR. 1 Informal correspondence demonstration Developer action elements: adv hld.2.1d The developer shall provide the high-level design of the TSF. Content and presentation of evidence elements: adv hld.2.1c The presentation of the high-level design shall be informal. adv hld.2.2c The high-level design shall be internally consistent. adv hld.2.3c The high-level design shall describe the structure of the TSF in terms of subsystems. adv hld.2.4c The high-level design shall describe the security functionality provided by each subsystem of the TSF. adv hld.2.5c The high-level design shall identify any underlying hardware, firmware, and/or software required by the TSF with a presentation of the functions provided by the supporting protection mechanisms implemented in that hardware, firmware, or software. adv hld.2.6c The high-level design shall identify all interfaces to the subsystems of the TSF. adv hld.2.7c The high-level design shall identify which of the interfaces to the subsystems of the TSF are externally visible. adv hld.2.8c The high-level design shall describe the purpose and method of use of all interfaces to the subsystems of the TSF, providing details of effects, exceptions and error messages, as appropriate. adv hld.2.9c The high-level design shall describe the separation of the TOE into TSP-enforcing and other subsystems. Evaluator action elements: adv hld.2.1e The evaluator shall confirm that the information provided meets all requirements for content and presentation of evidence. adv hld.2.2e The evaluator shall determine that the high-level design is an accurate and complete instantiation of the TOE security functional requirements. ADVJHLD.3 Semiformal high-level design Dependencies: ADVFSP.3 Semiformal functional specification ADVRCR.2 Semiformal correspondence demonstration Developer action elements: adv hld.3.1d The developer shall provide the high-level design of the TSF. Content and presentation of evidence elements: adv hld.3.1c The presentation of the high-level design shall be semiformal. adv hld.3.2c The high-level design shall be internally consistent. adv hld.3.3c The high-level design shall describe the structure of the TSF in terms of subsystems. adv hld.3.4c The high-level design shall describe the security functionality provided by each subsystem of the TSF. adv hld.3.5c The high-level design shall identify any underlying hardware, firmware, and/or software required by the TSF with a presentation of the functions provided by the supporting protection mechanisms implemented in that hardware, firmware, or software. adv hld.3.6c The high-level design shall identify all interfaces to the subsystems of the TSF. adv hld.3.7c The high-level design shall identify which of the interfaces to the subsystems of the TSF are externally visible. adv hld.3.8c The high-level design shall describe the purpose and method of use of all interfaces to the subsystems of the TSF, providing complete details of all effects, exceptions and error messages. adv hld.3.9c The high-level design shall describe the separation of the TOE into TSP-enforcing and other subsystems. Evaluator action elements: adv hld.3.1e The evaluator shall confirm that the information provided meets all requirements for content and presentation of evidence. adv hld.3.2e The evaluator shall determine that the high-level design is an accurate and complete instantiation of the TOE security functional requirements. ADV HLD.4 Semiformal high-level explanation Dependencies: ADVFSP.3 Semiformal functional specification ADVRCR.2 Semiformal correspondence demonstration Developer action elements: adv hld.4.1d The developer shall provide the high-level design of the TSF. 0 ... 34 35 36 37 38 39 40 ... 73
|