Re: I-0413: Assurance Of RVM Is By Testing And Design Analysis

Subject: Re: I-0413: Assurance Of RVM Is By Testing And Design Analysis
From: James Arnold <arnoldj1@saic.com>
Date: Mon, 15 Jan 2001 14:28:29 -0500
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=us-ascii


I-0413: Assurance Of RVM Is By Testing And Design Analysis

I disagree with the issue statement.  I think that most of the security
functional requirements are not "completely testable" through the TSF
interface.  Such testing must be supported and bounded by design
analysis.  In this respect I believe that RVM is not outstanding.
Regardless, I also believe that the CC (in the form of EAL assurance
security requirement packages) is pretty clear that both design analysis
and testing is required for all security functions.  Hence, I do not
believe that this interpretation has value.

Prev by Date: Re: I-0393: A Completely Evaluated ST Is Not Required When TOE Evaluation Starts
Next by Date: Re: I-0387: Auditing Of Audit Storage Failures
Prev by thread: I-0413: Assurance Of RVM Is By Testing And Design Analysis
Next by thread: Re: I-0413: Assurance Of RVM Is By Testing And Design Analysis

Date Index | Thread Index | Problems or questions? Contact list-master@nist.gov