RE: CC request for interpretation: testing while in normal mode?



If the tests themselves are part of the TSF, and the TSF also includes
the normal mode operating system, but the tests run only in a
maintenance mode, does the operating system on top of which the tests
run also have to be part of the TSF?

> -----Original Message-----
> From: James Arnold [mailto:James.L.Arnold.Jr@saic.com] 
> Sent: Friday, February 08, 2002 11:57 AM
> To: Multiple recipients of list
> Subject: Re: CC request for interpretation: testing while in normal mode?
> 
> 
> 
> I'm a little concerned about the NIB statement: "...the TSF 
> includes everything that contributes to security...". This is 
> simply not true. In general, the TSF includes the functions 
> related to the security functional requirements, but does not 
> include things related to the assurance requirements, for example.
> 
> Despite the poor wording, I agree that abstract machine and 
> TSF tests are part of the TSF. As noted in an earlier 
> response, the TOE can have multiple modes of operation and 
> such tests could be exercised in a mode other than what might 
> be considered normal. Regardless, such tests are part of the 
> TSF since they serve to implement security functional 
> requirements. Note that such tests and their associated 
> execution environments would necessarily be subject to the 
> same assurance requirements as the rest of the TSF. However, 
> I have to wonder about how such tests might be tested...
> 
> 
> Original question:
> 
> "The abstract machine testing (FPT_AMT.1) and TSF testing 
> (FPT_TST.1) requirements state that "the TSF shall run" a 
> suite of tests. This sounds like the tests have to be 
> runnable on the TOE itself, *while* the TOE is in a *normal* 
> operational state. But then the "evaluator application notes" 
> in sections J.1 and J.16 state that the tests can be run 
> while in an off-line or maintenance mode. Are all these 
> statements consistent?
> 
> As a product developer I'd be happy to have the flexibility 
> to only provide the tests in off-line or maintenance mode. In 
> those modes, does some form of TSF have to be running or can 
> a non-evaluated "operating system" be specified for running 
> the tests?"
> 
> NIAP Interpretations Board wrote:
> 
> > "...
> >
> > The current wording might not be straightforward, but it isn't 
> > inconsistent. Given that the TSF includes everything that contributes 
> > to security, the off-line tests would also be included in the TSF."
> 
> 
> 


