BS EN ISO/IEC 15408-3:2020
$215.11
Information technology. Security techniques. Evaluation criteria for IT security – Security assurance components
| Published By | Publication Date | Number of Pages |
| BSI | 2020 | 192 |
This part of ISO/IEC 15408 defines the assurance requirements of ISO/IEC 15408. It includes the evaluation assurance levels (EALs) that define a scale for measuring assurance for component Targets of Evaluation (TOEs), the composed assurance packages (CAPs) that define a scale for measuring assurance for composed TOEs, the individual assurance components from which the assurance levels and packages are composed, and the criteria for evaluation of Protection Profiles (PPs) and Security Targets (STs).
PDF Catalog
| PDF Pages | PDF Title |
|---|---|
| 2 | undefined |
| 5 | European foreword Endorsement notice |
| 17 | Scope Normative references Terms and definitions, symbols and abbreviated terms Overview Organisation of this part of ISO/IEC 15408 |
| 18 | Assurance paradigm ISO/IEC 15408 philosophy Assurance approach Significance of vulnerabilities |
| 19 | Cause of vulnerabilities ISO/IEC 15408 assurance Assurance through evaluation ISO/IEC 15408 evaluation assurance scale |
| 20 | Security assurance components Security assurance classes, families and components structur Assurance class structure Class name Class introduction Assurance families |
| 21 | Assurance family structure Family name Objectives |
| 22 | Component levelling Application notes Assurance components Assurance component structure Component identification |
| 23 | Objectives Application notes Dependencies Assurance elements |
| 24 | Assurance elements Component taxonomy |
| 25 | EAL structure EAL name Objectives Application notes |
| 26 | Assurance components Relationship between assurances and assurance levels |
| 27 | CAP structure CAP name Objectives Application notes |
| 28 | Assurance components |
| 29 | Relationship between assurances and assurance levels Evaluation assurance levels |
| 30 | Evaluation assurance level (EAL) overview |
| 31 | Evaluation assurance level details Evaluation assurance level 1 (EAL1) – functionally tested Objectives |
| 32 | Assurance components Evaluation assurance level 2 (EAL2) – structurally tested Objectives Assurance components |
| 33 | Evaluation assurance level 3 (EAL3) – methodically tested an Objectives Assurance components |
| 34 | Evaluation assurance level 4 (EAL4) – methodically designed, Objectives Assurance components |
| 35 | Evaluation assurance level 5 (EAL5) – semiformally designed Objectives Assurance components |
| 36 | Evaluation assurance level 6 (EAL6) – semiformally verified Objectives Assurance components |
| 37 | Evaluation assurance level 7 (EAL7) – formally verified desi Objectives |
| 38 | Assurance components |
| 39 | Composed assurance packages Composed assurance package (CAP) overview |
| 40 | Composed assurance package details Composition assurance level A (CAP-A) – Structurally compose Objectives Assurance components |
| 41 | Composition assurance level B (CAP-B) – Methodically compose Objectives Assurance components |
| 42 | Composition assurance level C (CAP-C) – Methodically compose Objectives Assurance components |
| 43 | Class APE: Protection Profile evaluation |
| 44 | PP introduction (APE_INT) Objectives APE_INT.1 PP introduction Developer action elements APE_INT.1.1D Content and presentation elements APE_INT.1.1C APE_INT.1.2C APE_INT.1.3C |
| 45 | APE_INT.1.4C APE_INT.1.5C Evaluator action elements APE_INT.1.1E Conformance claims (APE_CCL) Objectives APE_CCL.1 Conformance claims Developer action elements APE_CCL.1.1D APE_CCL.1.2D APE_CCL.1.3D Content and presentation elements APE_CCL.1.1C APE_CCL.1.2C |
| 46 | APE_CCL.1.3C APE_CCL.1.4C APE_CCL.1.5C APE_CCL.1.6C APE_CCL.1.7C APE_CCL.1.8C APE_CCL.1.9C APE_CCL.1.10C APE_CCL.1.11C Evaluator action elements APE_CCL.1.1E |
| 47 | Security problem definition (APE_SPD) Objectives APE_SPD.1 Security problem definition Developer action elements APE_SPD.1.1D Content and presentation elements APE_SPD.1.1C APE_SPD.1.2C APE_SPD.1.3C APE_SPD.1.4C Evaluator action elements APE_SPD.1.1E Security objectives (APE_OBJ) Objectives |
| 48 | Component levelling APE_OBJ.1 Security objectives for the operational environmen Developer action elements APE_OBJ.1.1D Content and presentation elements APE_OBJ.1.1C Evaluator action elements APE_OBJ.1.1E APE_OBJ.2 Security objectives Developer action elements APE_OBJ.2.1D APE_OBJ.2.2D Content and presentation elements APE_OBJ.2.1C APE_OBJ.2.2C |
| 49 | APE_OBJ.2.3C APE_OBJ.2.4C APE_OBJ.2.5C APE_OBJ.2.6C Evaluator action elements APE_OBJ.2.1E Extended components definition (APE_ECD) Objectives APE_ECD.1 Extended components definition Developer action elements APE_ECD.1.1D APE_ECD.1.2D Content and presentation elements APE_ECD.1.1C |
| 50 | APE_ECD.1.2C APE_ECD.1.3C APE_ECD.1.4C APE_ECD.1.5C Evaluator action elements APE_ECD.1.1E APE_ECD.1.2E Security requirements (APE_REQ) Objectives Component levelling APE_REQ.1 Stated security requirements Developer action elements APE_REQ.1.1D |
| 51 | APE_REQ.1.2D Content and presentation elements APE_REQ.1.1C APE_REQ.1.2C APE_REQ.1.3C APE_REQ.1.4C APE_REQ.1.5C APE_REQ.1.6C Evaluator action elements APE_REQ.1.1E APE_REQ.2 Derived security requirements Developer action elements APE_REQ.2.1D APE_REQ.2.2D |
| 52 | Content and presentation elements APE_REQ.2.1C APE_REQ.2.2C APE_REQ.2.3C APE_REQ.2.4C APE_REQ.2.5C APE_REQ.2.6C APE_REQ.2.7C APE_REQ.2.8C APE_REQ.2.9C Evaluator action elements APE_REQ.2.1E Class ASE: Security Target evaluation |
| 53 | ST introduction (ASE_INT) Objectives ASE_INT.1 ST introduction Developer action elements ASE_INT.1.1D Content and presentation elements ASE_INT.1.1C |
| 54 | ASE_INT.1.2C ASE_INT.1.3C ASE_INT.1.4C ASE_INT.1.5C ASE_INT.1.6C ASE_INT.1.7C ASE_INT.1.8C Evaluator action elements ASE_INT.1.1E ASE_INT.1.2E Conformance claims (ASE_CCL) Objectives ASE_CCL.1 Conformance claims |
| 55 | Developer action elements ASE_CCL.1.1D ASE_CCL.1.2D Content and presentation elements ASE_CCL.1.1C ASE_CCL.1.2C ASE_CCL.1.3C ASE_CCL.1.4C ASE_CCL.1.5C ASE_CCL.1.6C ASE_CCL.1.7C ASE_CCL.1.8C ASE_CCL.1.9C |
| 56 | ASE_CCL.1.10C Evaluator action elements ASE_CCL.1.1E Security problem definition (ASE_SPD) Objectives ASE_SPD.1 Security problem definition Developer action elements ASE_SPD.1.1D Content and presentation elements ASE_SPD.1.1C ASE_SPD.1.2C ASE_SPD.1.3C ASE_SPD.1.4C Evaluator action elements ASE_SPD.1.1E |
| 57 | Security objectives (ASE_OBJ) Objectives Component levelling ASE_OBJ.1 Security objectives for the operational environmen Developer action elements ASE_OBJ.1.1D Content and presentation elements ASE_OBJ.1.1C Evaluator action elements ASE_OBJ.1.1E ASE_OBJ.2 Security objectives Developer action elements ASE_OBJ.2.1D ASE_OBJ.2.2D |
| 58 | Content and presentation elements ASE_OBJ.2.1C ASE_OBJ.2.2C ASE_OBJ.2.3C ASE_OBJ.2.4C ASE_OBJ.2.5C ASE_OBJ.2.6C Evaluator action elements ASE_OBJ.2.1E Extended components definition (ASE_ECD) Objectives ASE_ECD.1 Extended components definition Developer action elements ASE_ECD.1.1D |
| 59 | ASE_ECD.1.2D Content and presentation elements ASE_ECD.1.1C ASE_ECD.1.2C ASE_ECD.1.3C ASE_ECD.1.4C ASE_ECD.1.5C Evaluator action elements ASE_ECD.1.1E ASE_ECD.1.2E Security requirements (ASE_REQ) Objectives Component levelling |
| 60 | ASE_REQ.1 Stated security requirements Developer action elements ASE_REQ.1.1D ASE_REQ.1.2D Content and presentation elements ASE_REQ.1.1C ASE_REQ.1.2C ASE_REQ.1.3C ASE_REQ.1.4C ASE_REQ.1.5C ASE_REQ.1.6C Evaluator action elements ASE_REQ.1.1E ASE_REQ.2 Derived security requirements |
| 61 | Developer action elements ASE_REQ.2.1D ASE_REQ.2.2D Content and presentation elements ASE_REQ.2.1C ASE_REQ.2.2C ASE_REQ.2.3C ASE_REQ.2.4C ASE_REQ.2.5C ASE_REQ.2.6C ASE_REQ.2.7C ASE_REQ.2.8C ASE_REQ.2.9C Evaluator action elements ASE_REQ.2.1E |
| 62 | TOE summary specification (ASE_TSS) Objectives Component levelling ASE_TSS.1 TOE summary specification Developer action elements ASE_TSS.1.1D Content and presentation elements ASE_TSS.1.1C Evaluator action elements ASE_TSS.1.1E ASE_TSS.1.2E |
| 63 | ASE_TSS.2 TOE summary specification with architectural desig Developer action elements ASE_TSS.2.1D Content and presentation elements ASE_TSS.2.1C ASE_TSS.2.2C ASE_TSS.2.3C Evaluator action elements ASE_TSS.2.1E ASE_TSS.2.2E |
| 64 | Class ADV: Development |
| 68 | Security Architecture (ADV_ARC) Objectives Component levelling Application notes |
| 69 | ADV_ARC.1 Security architecture description Developer action elements ADV_ARC.1.1D ADV_ARC.1.2D ADV_ARC.1.3D Content and presentation elements ADV_ARC.1.1C ADV_ARC.1.2C ADV_ARC.1.3C ADV_ARC.1.4C ADV_ARC.1.5C |
| 70 | Evaluator action elements ADV_ARC.1.1E Functional specification (ADV_FSP) Objectives Component levelling Application notes |
| 71 | Detail about the Interfaces |
| 72 | Components of this Family ADV_FSP.1 Basic functional specification Developer action elements ADV_FSP.1.1D |
| 73 | ADV_FSP.1.2D Content and presentation elements ADV_FSP.1.1C ADV_FSP.1.2C ADV_FSP.1.3C ADV_FSP.1.4C Evaluator action elements ADV_FSP.1.1E ADV_FSP.1.2E ADV_FSP.2 Security-enforcing functional specification Developer action elements ADV_FSP.2.1D ADV_FSP.2.2D Content and presentation elements ADV_FSP.2.1C |
| 74 | ADV_FSP.2.2C ADV_FSP.2.3C ADV_FSP.2.4C ADV_FSP.2.5C ADV_FSP.2.6C Evaluator action elements ADV_FSP.2.1E ADV_FSP.2.2E ADV_FSP.3 Functional specification with complete summary Developer action elements ADV_FSP.3.1D ADV_FSP.3.2D Content and presentation elements ADV_FSP.3.1C ADV_FSP.3.2C |
| 75 | ADV_FSP.3.3C ADV_FSP.3.4C ADV_FSP.3.5C ADV_FSP.3.6C ADV_FSP.3.7C Evaluator action elements ADV_FSP.3.1E ADV_FSP.3.2E ADV_FSP.4 Complete functional specification Developer action elements ADV_FSP.4.1D ADV_FSP.4.2D Content and presentation elements ADV_FSP.4.1C ADV_FSP.4.2C |
| 76 | ADV_FSP.4.3C ADV_FSP.4.4C ADV_FSP.4.5C ADV_FSP.4.6C Evaluator action elements ADV_FSP.4.1E ADV_FSP.4.2E ADV_FSP.5 Complete semi-formal functional specification with Developer action elements ADV_FSP.5.1D ADV_FSP.5.2D Content and presentation elements ADV_FSP.5.1C ADV_FSP.5.2C ADV_FSP.5.3C |
| 77 | ADV_FSP.5.4C ADV_FSP.5.5C ADV_FSP.5.6C ADV_FSP.5.7C ADV_FSP.5.8C ADV_FSP.5.9C Evaluator action elements ADV_FSP.5.1E ADV_FSP.5.2E ADV_FSP.6 Complete semi-formal functional specification with Developer action elements ADV_FSP.6.1D ADV_FSP.6.2D ADV_FSP.6.3D |
| 78 | Content and presentation elements ADV_FSP.6.1C ADV_FSP.6.2C ADV_FSP.6.3C ADV_FSP.6.4C ADV_FSP.6.5C ADV_FSP.6.6C ADV_FSP.6.7C ADV_FSP.6.8C ADV_FSP.6.9C ADV_FSP.6.10C Evaluator action elements ADV_FSP.6.1E ADV_FSP.6.2E |
| 79 | Implementation representation (ADV_IMP) Objectives Component levelling Application notes |
| 80 | ADV_IMP.1 Implementation representation of the TSF Developer action elements ADV_IMP.1.1D ADV_IMP.1.2D Content and presentation elements ADV_IMP.1.1C ADV_IMP.1.2C ADV_IMP.1.3C Evaluator action elements ADV_IMP.1.1E ADV_IMP.2 Complete mapping of the implementation representat |
| 81 | Developer action elements ADV_IMP.2.1D ADV_IMP.2.2D Content and presentation elements ADV_IMP.2.1C ADV_IMP.2.2C ADV_IMP.2.3C Evaluator action elements ADV_IMP.2.1E TSF internals (ADV_INT) Objectives Component levelling Application notes |
| 82 | ADV_INT.1 Well-structured subset of TSF internals Objectives Application notes Developer action elements ADV_INT.1.1D ADV_INT.1.2D Content and presentation elements ADV_INT.1.1C |
| 83 | ADV_INT.1.2C Evaluator action elements ADV_INT.1.1E ADV_INT.1.2E ADV_INT.2 Well-structured internals Objectives Application notes Developer action elements ADV_INT.2.1D ADV_INT.2.2D Content and presentation elements ADV_INT.2.1C ADV_INT.2.2C |
| 84 | Evaluator action elements ADV_INT.2.1E ADV_INT.2.2E ADV_INT.3 Minimally complex internals Objectives Application notes Developer action elements ADV_INT.3.1D ADV_INT.3.2D Content and presentation elements ADV_INT.3.1C ADV_INT.3.2C Evaluator action elements ADV_INT.3.1E |
| 85 | ADV_INT.3.2E Security policy modelling (ADV_SPM) Objectives Component levelling Application notes |
| 86 | ADV_SPM.1 Formal TOE security policy model Developer action elements ADV_SPM.1.1D ADV_SPM.1.2D ADV_SPM.1.3D ADV_SPM.1.4D Content and presentation elements ADV_SPM.1.1C ADV_SPM.1.2C ADV_SPM.1.3C ADV_SPM.1.4C |
| 87 | Evaluator action elements ADV_SPM.1.1E TOE design (ADV_TDS) Objectives Component levelling Application notes |
| 88 | Detail about the Subsystems and Modules ADV_TDS.1 Basic design Developer action elements ADV_TDS.1.1D ADV_TDS.1.2D |
| 89 | Content and presentation elements ADV_TDS.1.1C ADV_TDS.1.2C ADV_TDS.1.3C ADV_TDS.1.4C ADV_TDS.1.5C ADV_TDS.1.6C Evaluator action elements ADV_TDS.1.1E ADV_TDS.1.2E ADV_TDS.2 Architectural design Developer action elements ADV_TDS.2.1D ADV_TDS.2.2D |
| 90 | Content and presentation elements ADV_TDS.2.1C ADV_TDS.2.2C ADV_TDS.2.3C ADV_TDS.2.4C ADV_TDS.2.5C ADV_TDS.2.6C ADV_TDS.2.7C ADV_TDS.2.8C Evaluator action elements ADV_TDS.2.1E ADV_TDS.2.2E ADV_TDS.3 Basic modular design Developer action elements ADV_TDS.3.1D |
| 91 | ADV_TDS.3.2D Content and presentation elements ADV_TDS.3.1C ADV_TDS.3.2C ADV_TDS.3.3C ADV_TDS.3.4C ADV_TDS.3.5C ADV_TDS.3.6C ADV_TDS.3.7C ADV_TDS.3.8C ADV_TDS.3.9C ADV_TDS.3.10C Evaluator action elements ADV_TDS.3.1E |
| 92 | ADV_TDS.3.2E ADV_TDS.4 Semiformal modular design Developer action elements ADV_TDS.4.1D ADV_TDS.4.2D Content and presentation elements ADV_TDS.4.1C ADV_TDS.4.2C ADV_TDS.4.3C ADV_TDS.4.4C ADV_TDS.4.5C ADV_TDS.4.6C ADV_TDS.4.7C ADV_TDS.4.8C |
| 93 | ADV_TDS.4.9C ADV_TDS.4.10C Evaluator action elements ADV_TDS.4.1E ADV_TDS.4.2E ADV_TDS.5 Complete semiformal modular design Developer action elements ADV_TDS.5.1D ADV_TDS.5.2D Content and presentation elements ADV_TDS.5.1C ADV_TDS.5.2C ADV_TDS.5.3C ADV_TDS.5.4C |
| 94 | ADV_TDS.5.5C ADV_TDS.5.6C ADV_TDS.5.7C ADV_TDS.5.8C Evaluator action elements ADV_TDS.5.1E ADV_TDS.5.2E ADV_TDS.6 Complete semiformal modular design with formal hig Developer action elements ADV_TDS.6.1D ADV_TDS.6.2D ADV_TDS.6.3D ADV_TDS.6.4D |
| 95 | Content and presentation elements ADV_TDS.6.1C ADV_TDS.6.2C ADV_TDS.6.3C ADV_TDS.6.4C ADV_TDS.6.5C ADV_TDS.6.6C ADV_TDS.6.7C ADV_TDS.6.8C ADV_TDS.6.9C ADV_TDS.6.10C Evaluator action elements ADV_TDS.6.1E |
| 96 | ADV_TDS.6.2E Class AGD: Guidance documents Operational user guidance (AGD_OPE) Objectives |
| 97 | Component levelling Application notes AGD_OPE.1 Operational user guidance Developer action elements AGD_OPE.1.1D Content and presentation elements AGD_OPE.1.1C AGD_OPE.1.2C |
| 98 | AGD_OPE.1.3C AGD_OPE.1.4C AGD_OPE.1.5C AGD_OPE.1.6C AGD_OPE.1.7C Evaluator action elements AGD_OPE.1.1E Preparative procedures (AGD_PRE) Objectives Component levelling Application notes |
| 99 | AGD_PRE.1 Preparative procedures Developer action elements AGD_PRE.1.1D Content and presentation elements AGD_PRE.1.1C AGD_PRE.1.2C Evaluator action elements AGD_PRE.1.1E AGD_PRE.1.2E Class ALC: Life-cycle support |
| 100 | CM capabilities (ALC_CMC) Objectives |
| 101 | Component levelling Application notes ALC_CMC.1 Labelling of the TOE Objectives |
| 102 | Developer action elements ALC_CMC.1.1D Content and presentation elements ALC_CMC.1.1C Evaluator action elements ALC_CMC.1.1E ALC_CMC.2 Use of a CM system Objectives Developer action elements ALC_CMC.2.1D ALC_CMC.2.2D ALC_CMC.2.3D Content and presentation elements ALC_CMC.2.1C ALC_CMC.2.2C |
| 103 | ALC_CMC.2.3C Evaluator action elements ALC_CMC.2.1E ALC_CMC.3 Authorisation controls Objectives Developer action elements ALC_CMC.3.1D ALC_CMC.3.2D ALC_CMC.3.3D Content and presentation elements ALC_CMC.3.1C ALC_CMC.3.2C |
| 104 | ALC_CMC.3.3C ALC_CMC.3.4C ALC_CMC.3.5C ALC_CMC.3.6C ALC_CMC.3.7C ALC_CMC.3.8C Evaluator action elements ALC_CMC.3.1E ALC_CMC.4 Production support, acceptance procedures and auto Objectives |
| 105 | Developer action elements ALC_CMC.4.1D ALC_CMC.4.2D ALC_CMC.4.3D Content and presentation elements ALC_CMC.4.1C ALC_CMC.4.2C ALC_CMC.4.3C ALC_CMC.4.4C ALC_CMC.4.5C ALC_CMC.4.6C ALC_CMC.4.7C |
| 106 | ALC_CMC.4.8C ALC_CMC.4.9C ALC_CMC.4.10C Evaluator action elements ALC_CMC.4.1E ALC_CMC.5 Advanced support Objectives |
| 107 | Developer action elements ALC_CMC.5.1D ALC_CMC.5.2D ALC_CMC.5.3D Content and presentation elements ALC_CMC.5.1C ALC_CMC.5.2C ALC_CMC.5.3C ALC_CMC.5.4C ALC_CMC.5.5C ALC_CMC.5.6C ALC_CMC.5.7C ALC_CMC.5.8C |
| 108 | ALC_CMC.5.9C ALC_CMC.5.10C ALC_CMC.5.11C ALC_CMC.5.12C ALC_CMC.5.13C ALC_CMC.5.14C ALC_CMC.5.15C ALC_CMC.5.16C Evaluator action elements ALC_CMC.5.1E ALC_CMC.5.2E CM scope (ALC_CMS) Objectives |
| 109 | Component levelling Application notes ALC_CMS.1 TOE CM coverage Objectives Application notes Developer action elements ALC_CMS.1.1D Content and presentation elements ALC_CMS.1.1C ALC_CMS.1.2C Evaluator action elements ALC_CMS.1.1E ALC_CMS.2 Parts of the TOE CM coverage |
| 110 | Objectives Application notes Developer action elements ALC_CMS.2.1D Content and presentation elements ALC_CMS.2.1C ALC_CMS.2.2C ALC_CMS.2.3C Evaluator action elements ALC_CMS.2.1E ALC_CMS.3 Implementation representation CM coverage Objectives |
| 111 | Application notes Developer action elements ALC_CMS.3.1D Content and presentation elements ALC_CMS.3.1C ALC_CMS.3.2C ALC_CMS.3.3C Evaluator action elements ALC_CMS.3.1E ALC_CMS.4 Problem tracking CM coverage Objectives Application notes Developer action elements ALC_CMS.4.1D |
| 112 | Content and presentation elements ALC_CMS.4.1C ALC_CMS.4.2C ALC_CMS.4.3C Evaluator action elements ALC_CMS.4.1E ALC_CMS.5 Development tools CM coverage Objectives Application notes Developer action elements ALC_CMS.5.1D |
| 113 | Content and presentation elements ALC_CMS.5.1C ALC_CMS.5.2C ALC_CMS.5.3C Evaluator action elements ALC_CMS.5.1E Delivery (ALC_DEL) Objectives Component levelling Application notes |
| 114 | ALC_DEL.1 Delivery procedures Developer action elements ALC_DEL.1.1D ALC_DEL.1.2D Content and presentation elements ALC_DEL.1.1C Evaluator action elements ALC_DEL.1.1E Development security (ALC_DVS) Objectives Component levelling Application notes |
| 115 | ALC_DVS.1 Identification of security measures Developer action elements ALC_DVS.1.1D Content and presentation elements ALC_DVS.1.1C Evaluator action elements ALC_DVS.1.1E ALC_DVS.1.2E ALC_DVS.2 Sufficiency of security measures Developer action elements ALC_DVS.2.1D Content and presentation elements ALC_DVS.2.1C |
| 116 | ALC_DVS.2.2C Evaluator action elements ALC_DVS.2.1E ALC_DVS.2.2E Flaw remediation (ALC_FLR) Objectives Component levelling Application notes ALC_FLR.1 Basic flaw remediation |
| 117 | Developer action elements ALC_FLR.1.1D Content and presentation elements ALC_FLR.1.1C ALC_FLR.1.2C ALC_FLR.1.3C ALC_FLR.1.4C Evaluator action elements ALC_FLR.1.1E ALC_FLR.2 Flaw reporting procedures Objectives Developer action elements ALC_FLR.2.1D ALC_FLR.2.2D |
| 118 | ALC_FLR.2.3D Content and presentation elements ALC_FLR.2.1C ALC_FLR.2.2C ALC_FLR.2.3C ALC_FLR.2.4C ALC_FLR.2.5C ALC_FLR.2.6C ALC_FLR.2.7C ALC_FLR.2.8C Evaluator action elements ALC_FLR.2.1E ALC_FLR.3 Systematic flaw remediation |
| 119 | Objectives Developer action elements ALC_FLR.3.1D ALC_FLR.3.2D ALC_FLR.3.3D Content and presentation elements ALC_FLR.3.1C ALC_FLR.3.2C ALC_FLR.3.3C ALC_FLR.3.4C ALC_FLR.3.5C ALC_FLR.3.6C |
| 120 | ALC_FLR.3.7C ALC_FLR.3.8C ALC_FLR.3.9C ALC_FLR.3.10C ALC_FLR.3.11C Evaluator action elements ALC_FLR.3.1E Life-cycle definition (ALC_LCD) Objectives Component levelling Application notes |
| 121 | ALC_LCD.1 Developer defined life-cycle model Developer action elements ALC_LCD.1.1D ALC_LCD.1.2D Content and presentation elements ALC_LCD.1.1C ALC_LCD.1.2C Evaluator action elements ALC_LCD.1.1E |
| 122 | ALC_LCD.2 Measurable life-cycle model Developer action elements ALC_LCD.2.1D ALC_LCD.2.2D ALC_LCD.2.3D ALC_LCD.2.4D Content and presentation elements ALC_LCD.2.1C ALC_LCD.2.2C ALC_LCD.2.3C Evaluator action elements ALC_LCD.2.1E Tools and techniques (ALC_TAT) Objectives |
| 123 | Component levelling Application notes ALC_TAT.1 Well-defined development tools Developer action elements ALC_TAT.1.1D ALC_TAT.1.2D Content and presentation elements ALC_TAT.1.1C ALC_TAT.1.2C ALC_TAT.1.3C |
| 124 | Evaluator action elements ALC_TAT.1.1E ALC_TAT.2 Compliance with implementation standards Developer action elements ALC_TAT.2.1D ALC_TAT.2.2D ALC_TAT.2.3D Content and presentation elements ALC_TAT.2.1C ALC_TAT.2.2C ALC_TAT.2.3C Evaluator action elements ALC_TAT.2.1E ALC_TAT.2.2E ALC_TAT.3 Compliance with implementation standards – all par |
| 125 | Developer action elements ALC_TAT.3.1D ALC_TAT.3.2D ALC_TAT.3.3D Content and presentation elements ALC_TAT.3.1C ALC_TAT.3.2C ALC_TAT.3.3C Evaluator action elements ALC_TAT.3.1E ALC_TAT.3.2E Class ATE: Tests |
| 126 | Coverage (ATE_COV) Objectives Component levelling Application notes ATE_COV.1 Evidence of coverage Objectives Application notes Developer action elements ATE_COV.1.1D |
| 127 | Content and presentation elements ATE_COV.1.1C Evaluator action elements ATE_COV.1.1E ATE_COV.2 Analysis of coverage Objectives Application notes Developer action elements ATE_COV.2.1D Content and presentation elements ATE_COV.2.1C ATE_COV.2.2C Evaluator action elements ATE_COV.2.1E |
| 128 | ATE_COV.3 Rigorous analysis of coverage Objectives Application notes Developer action elements ATE_COV.3.1D Content and presentation elements ATE_COV.3.1C ATE_COV.3.2C Evaluator action elements ATE_COV.3.1E Depth (ATE_DPT) Objectives |
| 129 | Component levelling Application notes ATE_DPT.1 Testing: basic design Objectives Developer action elements ATE_DPT.1.1D Content and presentation elements ATE_DPT.1.1C ATE_DPT.1.2C |
| 130 | Evaluator action elements ATE_DPT.1.1E ATE_DPT.2 Testing: security enforcing modules Objectives Developer action elements ATE_DPT.2.1D Content and presentation elements ATE_DPT.2.1C ATE_DPT.2.2C ATE_DPT.2.3C Evaluator action elements ATE_DPT.2.1E ATE_DPT.3 Testing: modular design |
| 131 | Objectives Developer action elements ATE_DPT.3.1D Content and presentation elements ATE_DPT.3.1C ATE_DPT.3.2C ATE_DPT.3.3C Evaluator action elements ATE_DPT.3.1E ATE_DPT.4 Testing: implementation representation Objectives Developer action elements ATE_DPT.4.1D |
| 132 | Content and presentation elements ATE_DPT.4.1C ATE_DPT.4.2C ATE_DPT.4.3C ATE_DPT.4.4C Evaluator action elements ATE_DPT.4.1E Functional tests (ATE_FUN) Objectives Component levelling Application notes |
| 133 | ATE_FUN.1 Functional testing Objectives Developer action elements ATE_FUN.1.1D ATE_FUN.1.2D Content and presentation elements ATE_FUN.1.1C ATE_FUN.1.2C ATE_FUN.1.3C ATE_FUN.1.4C Evaluator action elements ATE_FUN.1.1E ATE_FUN.2 Ordered functional testing Objectives |
| 134 | Application notes Developer action elements ATE_FUN.2.1D ATE_FUN.2.2D Content and presentation elements ATE_FUN.2.1C ATE_FUN.2.2C ATE_FUN.2.3C ATE_FUN.2.4C ATE_FUN.2.5C Evaluator action elements ATE_FUN.2.1E Independent testing (ATE_IND) Objectives Component levelling |
| 135 | Application notes ATE_IND.1 Independent testing – conformance Objectives Application notes |
| 136 | Developer action elements ATE_IND.1.1D Content and presentation elements ATE_IND.1.1C Evaluator action elements ATE_IND.1.1E ATE_IND.1.2E ATE_IND.2 Independent testing – sample Objectives Application notes |
| 137 | Developer action elements ATE_IND.2.1D Content and presentation elements ATE_IND.2.1C ATE_IND.2.2C Evaluator action elements ATE_IND.2.1E ATE_IND.2.2E ATE_IND.2.3E ATE_IND.3 Independent testing – complete Objectives Application notes |
| 138 | Developer action elements ATE_IND.3.1D Content and presentation elements ATE_IND.3.1C ATE_IND.3.2C Evaluator action elements ATE_IND.3.1E ATE_IND.3.2E ATE_IND.3.3E Class AVA: Vulnerability assessment Application notes |
| 139 | Vulnerability analysis (AVA_VAN) Objectives Component levelling AVA_VAN.1 Vulnerability survey Objectives |
| 140 | Developer action elements AVA_VAN.1.1D Content and presentation elements AVA_VAN.1.1C Evaluator action elements AVA_VAN.1.1E AVA_VAN.1.2E AVA_VAN.1.3E AVA_VAN.2 Vulnerability analysis Objectives Developer action elements AVA_VAN.2.1D |
| 141 | Content and presentation elements AVA_VAN.2.1C Evaluator action elements AVA_VAN.2.1E AVA_VAN.2.2E AVA_VAN.2.3E AVA_VAN.2.4E AVA_VAN.3 Focused vulnerability analysis Objectives Developer action elements AVA_VAN.3.1D |
| 142 | Content and presentation elements AVA_VAN.3.1C Evaluator action elements AVA_VAN.3.1E AVA_VAN.3.2E AVA_VAN.3.3E AVA_VAN.3.4E AVA_VAN.4 Methodical vulnerability analysis Objectives Developer action elements AVA_VAN.4.1D |
| 143 | Content and presentation elements AVA_VAN.4.1C Evaluator action elements AVA_VAN.4.1E AVA_VAN.4.2E AVA_VAN.4.3E AVA_VAN.4.4E AVA_VAN.5 Advanced methodical vulnerability analysis Objectives Developer action elements AVA_VAN.5.1D |
| 144 | Content and presentation elements AVA_VAN.5.1C Evaluator action elements AVA_VAN.5.1E AVA_VAN.5.2E AVA_VAN.5.3E AVA_VAN.5.4E Class ACO: Composition |
| 146 | Composition rationale (ACO_COR) Objectives Component levelling |
| 147 | ACO_COR.1 Composition rationale Developer action elements ACO_COR.1.1D Content and presentation elements ACO_COR.1.1C Evaluator action elements ACO_COR.1.1E Development evidence (ACO_DEV) Objectives Component levelling Application notes |
| 148 | ACO_DEV.1 Functional Description Objectives Developer action elements ACO_DEV.1.1D Content and presentation elements ACO_DEV.1.1C ACO_DEV.1.2C Evaluator action elements ACO_DEV.1.1E ACO_DEV.1.2E ACO_DEV.2 Basic evidence of design |
| 149 | Objectives Developer action elements ACO_DEV.2.1D Content and presentation elements ACO_DEV.2.1C ACO_DEV.2.2C ACO_DEV.2.3C Evaluator action elements ACO_DEV.2.1E ACO_DEV.2.2E ACO_DEV.3 Detailed evidence of design Objectives |
| 150 | Developer action elements ACO_DEV.3.1D Content and presentation elements ACO_DEV.3.1C ACO_DEV.3.2C ACO_DEV.3.3C ACO_DEV.3.4C ACO_DEV.3.5C Evaluator action elements ACO_DEV.3.1E ACO_DEV.3.2E Reliance of dependent component (ACO_REL) Objectives |
| 151 | Component levelling Application notes ACO_REL.1 Basic reliance information Developer action elements ACO_REL.1.1D Content and presentation elements ACO_REL.1.1C ACO_REL.1.2C ACO_REL.1.3C Evaluator action elements ACO_REL.1.1E |
| 152 | ACO_REL.2 Reliance information Developer action elements ACO_REL.2.1D Content and presentation elements ACO_REL.2.1C ACO_REL.2.2C ACO_REL.2.3C ACO_REL.2.4C Evaluator action elements ACO_REL.2.1E Composed TOE testing (ACO_CTT) Objectives Component levelling Application notes |
| 153 | ACO_CTT.1 Interface testing Objectives Developer action elements ACO_CTT.1.1D ACO_CTT.1.2D ACO_CTT.1.3D ACO_CTT.1.4D |
| 154 | Content and presentation elements ACO_CTT.1.1C ACO_CTT.1.2C ACO_CTT.1.3C ACO_CTT.1.4C Evaluator action elements ACO_CTT.1.1E ACO_CTT.1.2E ACO_CTT.1.3E ACO_CTT.2 Rigorous interface testing Objectives Developer action elements ACO_CTT.2.1D ACO_CTT.2.2D |
| 155 | ACO_CTT.2.3D ACO_CTT.2.4D Content and presentation elements ACO_CTT.2.1C ACO_CTT.2.2C ACO_CTT.2.3C ACO_CTT.2.4C Evaluator action elements ACO_CTT.2.1E ACO_CTT.2.2E ACO_CTT.2.3E Composition vulnerability analysis (ACO_VUL) Objectives Component levelling |
| 156 | Application notes ACO_VUL.1 Composition vulnerability review Developer action elements ACO_VUL.1.1D Content and presentation elements ACO_VUL.1.1C Evaluator action elements ACO_VUL.1.1E ACO_VUL.1.2E ACO_VUL.1.3E |
| 157 | ACO_VUL.1.4E ACO_VUL.2 Composition vulnerability analysis Developer action elements ACO_VUL.2.1D Content and presentation elements ACO_VUL.2.1C Evaluator action elements ACO_VUL.2.1E ACO_VUL.2.2E ACO_VUL.2.3E ACO_VUL.2.4E ACO_VUL.2.5E ACO_VUL.3 Enhanced-Basic Composition vulnerability analysis Developer action elements ACO_VUL.3.1D |
| 158 | Content and presentation elements ACO_VUL.3.1C Evaluator action elements ACO_VUL.3.1E ACO_VUL.3.2E ACO_VUL.3.3E ACO_VUL.3.4E ACO_VUL.3.5E |
Related products
-
BS ISO/IEC 15408-3:2005
Information technology. Security techniques. Evaluation criteria for IT security – Security assurance requirements Published By…
-
BS EN 15400:2011
Solid recovered fuels. Determination of calorific value Published By Publication Date Number of Pages BSI…
-
BSI 20/30409090 DC 2020
BS EN 12732. Gas infrastructure. Welding steel pipework. Functional requirements Published By Publication Date Number…
-
BS EN ISO/IEC 15408-3:2023
Information security, cybersecurity and privacy protection. Evaluation criteria for IT security – Security assurance components…
-
BS ISO 15403:2000
Natural gas. Designation of the quality of natural gas for use as a compressed fuel…
-
BS EN 15402:2011
Solid recovered fuels. Determination of the content of volatile matter Published By Publication Date Number…
-
BS ISO/IEC 15438:2015
Information technology. Automatic identification and data capture techniques. PDF417 bar code symbology specification Published By…
-
BS EN ISO 15908:2002:2003 Edition
Adhesives for thermoplastic piping systems. Test method for the determination of thermal stability of adhesives…
-
BS ISO/IEC 15408-2:2005
Information technology. Security techniques. Evaluation criteria for IT security – Security functional requirements Published By…
-
BS EN ISO 13408-1:2024
Aseptic processing of health care products – General requirements Published By Publication Date Number of…
-
BSI 24/30475713 DC:2024 Edition
BS EN ISO 16408 Dentistry. Oral care products. Oral rinses Published By Publication Date Number…
-
BS EN ISO/IEC 19896-3:2023
IT security techniques. Competence requirements for information security testers and evaluators – Knowledge, skills and…
-
BS EN ISO/IEC 30111:2020
Information technology. Security techniques. Vulnerability handling processes Published By Publication Date Number of Pages BSI…
-
BS EN ISO/IEC 15408-2:2020
Information technology. Security techniques. Evaluation criteria for IT security – Security functional components Published By…
-
BS ISO/IEC 15408-1:2005
Information technology. Security techniques. Evaluation criteria for IT security – Introduction and general model Published…
-
BS EN ISO/IEC 18045:2020
Information technology. Security techniques. Methodology for IT security evaluation Published By Publication Date Number of…
-
BSI 20/30376066 DC 2020
BS EN ISO 27789. Health informatics. Audit trails for electronic health records Published By Publication…
-
BS EN 15403:2011
Solid recovered fuels. Determination of ash content Published By Publication Date Number of Pages BSI…
-
BS EN ISO 13408-6:2021
Aseptic processing of health care products – Isolator systems Published By Publication Date Number of…
-
BS EN 15908:2010
Anaesthetic and respiratory equipment. Non-interchangeable screw-threaded (NIST) low-pressure connectors for medical gases Published By Publication…
-
BS EN ISO 15403-1:2008
Natural gas. Natural gas for use as a compressed fuel for vehicles – Designation of…
-
BS EN ISO 15438:2003
Information technology. Automatic identification and data capture techniques. Bar code symbology specifications. PDF417 Published By…
-
BS EN ISO/IEC 15408-4:2023
Information security, cybersecurity and privacy protection. Evaluation criteria for IT security – Framework for the…
-
BS EN ISO/IEC 15408-5:2023
Information security, cybersecurity and privacy protection. Evaluation criteria for IT security – Pre-defined packages of…
-
BS EN ISO/IEC 15408-1:2023
Information security, cybersecurity and privacy protection. Evaluation criteria for IT security – Introduction and general…
-
BS ISO/IEC 15418:1999:2000 Edition
Information technology. EAN/UCC application identifiers and fact data identifiers and maintenance Published By Publication Date…
-
BS EN ISO 13408-6:2021
Aseptic processing of health care products – Isolator systems Published By Publication Date Number of…
-
BS EN ISO/IEEE 11073-10408:2022 – TC:2023 Edition
Tracked Changes. Health informatics. Device interoperability – Personal health device communication. Device specialization. Thermometer Published…
-
BS EN ISO/IEEE 11073-10408:2022:2023 Edition
Health informatics. Device interoperability – Personal health device communication. Device specialization. Thermometer Published By Publication…
-
BSI 24/30477193 DC:2024 Edition
BS EN ISO 15708-2 Non-destructive testing – Radiation methods for computed tomography – Part 2:…
-
BS EN 15407:2011
Solid recovered fuels. Methods for the determination of carbon (C), hydrogen (H) and nitrogen (N)…
-
BS EN ISO/IEC 15438:2010
Information technology. Automatic identification and data capture techniques. PDF417 bar code symbology specification Published By…
-
BS EN ISO/IEC 15408-2:2023
Information security, cybersecurity and privacy protection. Evaluation criteria for IT security – Security functional components…
-
BS EN ISO 13408-1:2024
Aseptic processing of health care products – General requirements Published By Publication Date Number of…
-
BS ISO/IEC 15408-3:2022
Information security, cybersecurity and privacy protection. Evaluation criteria for IT security – Security assurance components…
-
BS EN ISO 11073-10408:2011
Health informatics. Personal health device communication – Device specialization. Thermometer Published By Publication Date Number…
-
BS EN ISO/IEC 15408-1:2020
Information technology. Security techniques. Evaluation criteria for IT security – Introduction and general model Published…
-
BS ISO/IEC 15408-1:2022
Information security, cybersecurity and privacy protection — Evaluation criteria for IT security – Part 1:…
-
BSI 21/30387349 DC:2021 Edition
BS EN ISO 13408-1. Aseptic processing of health care products – Part 1. General requirements…
-
BS EN ISO 4624:2016 – TC:2020 Edition
Tracked Changes. Paints and varnishes. Pull-off test for adhesion Published By Publication Date Number of…
