Re: SFRs - Requirement Specification or Implementation Description?
On Thursday 30 November 2006 21:18, Squires, Alicia wrote:
> "The validator, however, insists that the ST must explicitly state its
> audit requirement because it clearly does not audit startup and shutdown
> of the audit function (because the TOE does not provide a capability to
> turn the audit function on and off)."
>
> I've had an issue with some evaluations not being able to meet FAU_SEL.1
> because they could not turn specific audit functionality on and off, but
> I've never heard of this being a requirement for FAU_GEN.1.
>
> The assertion that a requirement to generate audit events also requires
> the ability NOT to generate them is contradictory.
The real problem is with FAU_GEN.1 making the recording of start-up and
shutdown mandatory. While this is a nice thing to have for an OS, other TOEs
have problems with it.
In the "alternate" Part 2 drafts for CC 3.0 FAU_GEN was "parametrized" by
making these items (and others) part of selections.
Heavily summarized "The TSF shall audit [selection: TSF startup, TSF shutdown,
[assignment: other events]]"
A PP author was thereby forced to *consider* including startup and shutdown
(and others) when making the selections, but not forced to actually include
them.
Dirk-Jan
Date Index |
Thread Index |
Problems or questions? Contact list-master@nist.gov