RE: Clarification/Correction on CC v3.1 ADV_TDS.3

Subject: RE: Clarification/Correction on CC v3.1 ADV_TDS.3
From: "Michelle Ruppel" <maruppel@saffiresys.com>
Date: Tue, 22 Jan 2008 13:33:49 -0600
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"
In-Reply-To: <FA998122A677CF4390C1E291BFCF598908FE60B5@EXCH.missi.ncsc.mil>
References: <44C87EF1.19289.7D85AA@localhost> <004001c85c68$22b0deb0$0200a8c0@Desktop> <FA998122A677CF4390C1E291BFCF598908FE60B5@EXCH.missi.ncsc.mil>
Thread-Index: Achcai7RBO7t8MRpSNSfbhFe7NPvAgAlSH2AAAqS/EA=


Howard,

Thank you for the quick response.

I was looking at v3.1 Revision 1 dated Sept. 2006.

Version 3.1 Revsion 2 addresses my last question (#3 below), but I do not
belive it
addresses questions #1 and #2.

In Version 3.1 Revsion 2, it appears that the requirement to describe the
interaction with other modules is specified in both ADV_TDS.3.7C and
ADV_TDS.3.8C.
Is there a subtle difference here that I am missing?

- Michelle

-----Original Message-----
From: Cohen, Howard H. [mailto:hhcohen@missi.ncsc.mil] 
Sent: Tuesday, January 22, 2008 8:07 AM
To: Michelle Ruppel
Cc: cc-cmt@nist.gov
Subject: RE: Clarification/Correction on CC v3.1 ADV_TDS.3

Michelle,
	Are you looking at the latest version on CC part 3 and the CEM?
The current version is 3.1 Revision 2 dated Sept 2007.  It contains
changes to the areas you are questioning.  Please find the current
versions at
http://www.commoncriteriaportal.org/public/developer/index.php?menu=2 

Howard

*******************************************************************
(U) This email and any files transmitted with it are intended solely for
the
use of the individual or entity to whom they are addressed. If you have
received this email in error please notify the sender. 
****************************************************************** 
Howard H. Cohen
Senior Information Assurance Engineer
NSA/SAIC Contractor
PP/CCEVS Staff Support
410-854-4458
hhcohen@missi.ncsc.mil
Howard.H.Cohen@saic.com
****************************************************************** 
-----Original Message-----
From: cc-cmt@nist.gov [mailto:cc-cmt@nist.gov] On Behalf Of Michelle
Ruppel
Sent: Monday, January 21, 2008 3:07 PM
To: Multiple recipients of list
Subject: RE: Clarification/Correction on CC v3.1 ADV_TDS.3


Also note that the answer to Questions below probably also effects
ADV_TDS.4.

-----Original Message-----
From: Michelle Ruppel [mailto:maruppel@saffiresys.com] 
Sent: Monday, January 21, 2008 1:08 PM
To: 'cc-cmt@nist.gov'
Subject: Clarification/Correction on CC v3.1 ADV_TDS.3

Hi,

I have a few questions on ADV_TDS.3.

ADV_TDS.3.8C  "The design shall describe each SFR-enforcing module in
terms
of ... and called interfaces to other modules." 

1. Question:  Do all called interfaces to other modules need to be
identified or only the SFR-related interfaces to other SFR-enforcring
modules?

Interfaces to SFR-supporting and SFR-non-interfering modules are not
identified or described as part of the module description in ADV_TDS.3.
Non-SFR-related interfaces to SFR-enforcing modules are not identified
either.
It seems inconsistent to identify called interfaces to other modules
that are not even identified in the description of those other modules.

Based on what I have read, I think the following interpretation of this
portion of the requirement makes sense:

The design shall describe for each SFR-enforcing module the called
SFR-related interfaces to the other modules and the interactions with
other non-SFR-enforcing modules.

Can someone please clarify what is required?

2. While reading the CEM to find the answer to Question 1, I noticed
that
there are no CEM work units that require the evaluator to examine the
design
to determine that the description of the SFR-enforcing modules includes
the
called interfaces to other modules.
Have I missed it or is a work unit missing?

3. In CEM ADV_TDS.3-10, .3-11, and .3-12, should "non-SFR-supporting" be
"non-SFR-enforcing"?

Support:
CC v3.1 Part 3: ADV_TDS.3.9C "The design shall describe each
SFR-supporting
or SFR-non-interfering module in terms ..."

CEM v3.1: ADV_TDS.3-10 "The evaluator shall examine the TOE design to
determine that non-SFR-supporting modules are correctly categorised."

SFR-supporting or SFR-non-interfering modules are non-SFR-enforcing
modules,
not non-SFR-supporting modules.
The supportive text in paragraph 818 just below ADV_TDS.3-10 mentions
non-SFR-enforcing, not non-SFR-supporting.

Similarly with ADV_TDS.3-11 and ADV_TDS.3-12.

Thanks,

- Michelle


Michelle Ruppel
Saffire Systems
maruppel@saffiresys.com

References:
- Update on CCv3
  - From: "Observation Decisions Review Board" <faigin@aero.org>
- RE: Clarification/Correction on CC v3.1 ADV_TDS.3
  - From: "Michelle Ruppel" <maruppel@saffiresys.com>

Prev by Date: RE: Clarification/Correction on CC v3.1 ADV_TDS.3
Next by Date: CC v4 ideas and suggestions
Prev by thread: RE: Clarification/Correction on CC v3.1 ADV_TDS.3
Next by thread: PD 0127: Compliance with IDS Analyzer PP Export Requirements

Date Index | Thread Index | Problems or questions? Contact list-master@nist.gov