© Crown Copyright (2000)
Module 2.2 Development Representations
“You Are Here”
M2.1 Requirements
M2.2 Development Representations
M2.3 Functional Testing
M2.4 Development Environment
M2.5 Operational Environment
M2.6 Vulnerability Analysis
M2.7 Penetration Testing
M2.8 Assurance Maintenance/Composition
MODULE 2 - ASSURANCE
Introduction
• Refinement
• Traceability Analysis
• Separation
• Specification Styles
Refinement
• High Level (Architectural) Design
• Low Level (Detailed) Design
• Implementation Representation (e.g. source code or hardware drawings)
• Depth of Refinement (Commensurate with Assurance)
Traceability Analysis
• Validate correctness of refinement
• Security Function to High Level (Architectural) Design to Low Level (Detailed) Design to Implementation
[Figure: Security Function -> High Level Design -> Low Level Design]
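An added example (not part of the module's material) of the traceability check described above, run over a constructed refinement matrix: every security function must refine downwards through high level and low level design to an implementation unit, and every lower-level element must be traced back from something above it. All element names and file names are assumptions made up for the example.

```python
"""Traceability analysis over a constructed refinement chain:
Security Function -> High Level Design -> Low Level Design -> Implementation."""

LEVELS = ["Security Function", "High Level Design",
          "Low Level Design", "Implementation"]

# Each dict maps an element to the elements that refine it one level down.
# Constructed data with deliberate defects: SF.3 is never refined, LLD.Orphan
# is not traced from any HLD component, and legacy.c has no design trace.
SAMPLE_MATRIX = [
    {"SF.1 Identification & Authentication": ["HLD.Login", "HLD.CredStore"],
     "SF.2 Audit": ["HLD.AuditLog"],
     "SF.3 Access Control": []},
    {"HLD.Login": ["LLD.PwdCheck", "LLD.Session"],
     "HLD.CredStore": ["LLD.HashStore"],
     "HLD.AuditLog": ["LLD.LogWriter"]},
    {"LLD.PwdCheck": ["login.c"], "LLD.Session": ["session.c"],
     "LLD.HashStore": ["hashstore.c"], "LLD.LogWriter": ["audit.c"],
     "LLD.Orphan": ["orphan.c"]},
]
SAMPLE_IMPLEMENTATION = ["login.c", "session.c", "hashstore.c",
                         "audit.c", "orphan.c", "legacy.c"]


def analyse(matrix, implementation_units):
    """Return sorted findings. GAP: nothing below refines the element (a
    security function not carried through to code). ORPHAN: nothing above
    traces to the element (functionality the design does not account for).
    DANGLING: a reference to an element the next level never declares."""
    findings = []
    declared = [set(level) for level in matrix] + [set(implementation_units)]
    for depth, level in enumerate(matrix):
        upper, lower = LEVELS[depth], LEVELS[depth + 1]
        for element, refined_by in level.items():
            if not refined_by:
                findings.append(f"GAP: {upper} '{element}' has no {lower} refinement")
            for target in refined_by:
                if target not in declared[depth + 1]:
                    findings.append(f"DANGLING: '{element}' refers to undeclared {lower} '{target}'")
    for depth in range(1, len(LEVELS)):
        traced = {t for refined_by in matrix[depth - 1].values() for t in refined_by}
        for element in sorted(declared[depth] - traced):
            findings.append(f"ORPHAN: {LEVELS[depth]} '{element}' is not traced "
                            f"from any {LEVELS[depth - 1]}")
    return sorted(findings)


if __name__ == "__main__":
    for line in analyse(SAMPLE_MATRIX, SAMPLE_IMPLEMENTATION):
        print(line)
```

On the sample data the analysis reports one gap (SF.3) and two orphans (LLD.Orphan and legacy.c); in an evaluation each of these would become a query to the developer.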
Separation
• Ideally integrated into design of product/system
• Focus on limited areas
• Physical, logical, temporal, others
Specification Styles
• Various styles
• More assurance from greater formality
ITSEC Requirements
Aspect                           E1  E2  E3  E4  E5  E6
Architectural Design             I   I   I   S   S   F
Detailed Design                      I   I   S   S   S
Modularity of Design
Source code / hardware drawings
(I = informal, S = semiformal, F = formal; cells not recovered from the slide are left blank)
CC Requirements
Aspect                       EAL1  EAL2  EAL3  EAL4  EAL5  EAL6  EAL7
Functional Specification     I     I     I     I     S     S     F
High-level Design                  I     I     I     S     S     F
Low-level Design                               I     I     S     S
TOE Internals
Implementation Representation
(I = informal, S = semiformal, F = formal; cells not recovered from the slide are left blank)
Evaluation Reporting
• Examination of documentation
  – show how and where requirements are satisfied
  – demonstrate traceability
Summary
• Refinement
• Traceability
• Separation
• Specification
Further Reading
ITSEC Evaluation
• UK SP 05 Part III, Chapters 5-7
CC Evaluation
• CC Part 3, Sections 2.6.3 and 10
• CEM Part 2, Chapters 5-8 (ADV sections)
Exercise - Design
• Split into two syndicates
• Write a High Level (Architectural) or Low Level (Detailed) design for a Security Function
• Swap over the designs
• Evaluate the designs
• Discuss findings