{"id":350594,"date":"2024-10-20T00:43:06","date_gmt":"2024-10-20T00:43:06","guid":{"rendered":"https:\/\/pdfstandards.shop\/product\/uncategorized\/bs-en-iso-iec-15408-32020\/"},"modified":"2024-10-26T00:30:55","modified_gmt":"2024-10-26T00:30:55","slug":"bs-en-iso-iec-15408-32020","status":"publish","type":"product","link":"https:\/\/pdfstandards.shop\/product\/publishers\/bsi\/bs-en-iso-iec-15408-32020\/","title":{"rendered":"BS EN ISO\/IEC 15408-3:2020"},"content":{"rendered":"

This part of ISO\/IEC 15408 defines the assurance requirements of ISO\/IEC 15408. It includes the evaluation assurance levels (EALs) that define a scale for measuring assurance for component Targets of Evaluation (TOEs), the composed assurance packages (CAPs) that define a scale for measuring assurance for composed TOEs, the individual assurance components from which the assurance levels and packages are composed, and the criteria for evaluation of Protection Profiles (PPs) and Security Targets (STs).<\/p>\n

PDF Catalog<\/h4>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
PDF Pages<\/th>\nPDF Title<\/th>\n<\/tr>\n
2<\/td>\nundefined <\/td>\n<\/tr>\n
5<\/td>\nEuropean foreword
Endorsement notice <\/td>\n<\/tr>\n
17<\/td>\nScope
Normative references
Terms and definitions, symbols and abbreviated terms
Overview
Organisation of this part of ISO\/IEC 15408 <\/td>\n<\/tr>\n
18<\/td>\nAssurance paradigm
ISO\/IEC 15408 philosophy
Assurance approach
Significance of vulnerabilities <\/td>\n<\/tr>\n
19<\/td>\nCause of vulnerabilities
ISO\/IEC 15408 assurance
Assurance through evaluation
ISO\/IEC 15408 evaluation assurance scale <\/td>\n<\/tr>\n
20<\/td>\nSecurity assurance components
Security assurance classes, families and components structur
Assurance class structure
Class name
Class introduction
Assurance families <\/td>\n<\/tr>\n
21<\/td>\nAssurance family structure
Family name
Objectives <\/td>\n<\/tr>\n
22<\/td>\nComponent levelling
Application notes
Assurance components
Assurance component structure
Component identification <\/td>\n<\/tr>\n
23<\/td>\nObjectives
Application notes
Dependencies
Assurance elements <\/td>\n<\/tr>\n
24<\/td>\nAssurance elements
Component taxonomy <\/td>\n<\/tr>\n
25<\/td>\nEAL structure
EAL name
Objectives
Application notes <\/td>\n<\/tr>\n
26<\/td>\nAssurance components
Relationship between assurances and assurance levels <\/td>\n<\/tr>\n
27<\/td>\nCAP structure
CAP name
Objectives
Application notes <\/td>\n<\/tr>\n
28<\/td>\nAssurance components <\/td>\n<\/tr>\n
29<\/td>\nRelationship between assurances and assurance levels
Evaluation assurance levels <\/td>\n<\/tr>\n
30<\/td>\nEvaluation assurance level (EAL) overview <\/td>\n<\/tr>\n
31<\/td>\nEvaluation assurance level details
Evaluation assurance level 1 (EAL1) – functionally tested
Objectives <\/td>\n<\/tr>\n
32<\/td>\nAssurance components
Evaluation assurance level 2 (EAL2) – structurally tested
Objectives
Assurance components <\/td>\n<\/tr>\n
33<\/td>\nEvaluation assurance level 3 (EAL3) – methodically tested an
Objectives
Assurance components <\/td>\n<\/tr>\n
34<\/td>\nEvaluation assurance level 4 (EAL4) – methodically designed,
Objectives
Assurance components <\/td>\n<\/tr>\n
35<\/td>\nEvaluation assurance level 5 (EAL5) – semiformally designed
Objectives
Assurance components <\/td>\n<\/tr>\n
36<\/td>\nEvaluation assurance level 6 (EAL6) – semiformally verified
Objectives
Assurance components <\/td>\n<\/tr>\n
37<\/td>\nEvaluation assurance level 7 (EAL7) – formally verified desi
Objectives <\/td>\n<\/tr>\n
38<\/td>\nAssurance components <\/td>\n<\/tr>\n
39<\/td>\nComposed assurance packages
Composed assurance package (CAP) overview <\/td>\n<\/tr>\n
40<\/td>\nComposed assurance package details
Composition assurance level A (CAP-A) – Structurally compose
Objectives
Assurance components <\/td>\n<\/tr>\n
41<\/td>\nComposition assurance level B (CAP-B) – Methodically compose
Objectives
Assurance components <\/td>\n<\/tr>\n
42<\/td>\nComposition assurance level C (CAP-C) – Methodically compose
Objectives
Assurance components <\/td>\n<\/tr>\n
43<\/td>\nClass APE: Protection Profile evaluation <\/td>\n<\/tr>\n
44<\/td>\nPP introduction (APE_INT)
Objectives
APE_INT.1 PP introduction
Developer action elements
APE_INT.1.1D
Content and presentation elements
APE_INT.1.1C
APE_INT.1.2C
APE_INT.1.3C <\/td>\n<\/tr>\n
45<\/td>\nAPE_INT.1.4C
APE_INT.1.5C
Evaluator action elements
APE_INT.1.1E
Conformance claims (APE_CCL)
Objectives
APE_CCL.1 Conformance claims
Developer action elements
APE_CCL.1.1D
APE_CCL.1.2D
APE_CCL.1.3D
Content and presentation elements
APE_CCL.1.1C
APE_CCL.1.2C <\/td>\n<\/tr>\n
46<\/td>\nAPE_CCL.1.3C
APE_CCL.1.4C
APE_CCL.1.5C
APE_CCL.1.6C
APE_CCL.1.7C
APE_CCL.1.8C
APE_CCL.1.9C
APE_CCL.1.10C
APE_CCL.1.11C
Evaluator action elements
APE_CCL.1.1E <\/td>\n<\/tr>\n
47<\/td>\nSecurity problem definition (APE_SPD)
Objectives
APE_SPD.1 Security problem definition
Developer action elements
APE_SPD.1.1D
Content and presentation elements
APE_SPD.1.1C
APE_SPD.1.2C
APE_SPD.1.3C
APE_SPD.1.4C
Evaluator action elements
APE_SPD.1.1E
Security objectives (APE_OBJ)
Objectives <\/td>\n<\/tr>\n
48<\/td>\nComponent levelling
APE_OBJ.1 Security objectives for the operational environmen
Developer action elements
APE_OBJ.1.1D
Content and presentation elements
APE_OBJ.1.1C
Evaluator action elements
APE_OBJ.1.1E
APE_OBJ.2 Security objectives
Developer action elements
APE_OBJ.2.1D
APE_OBJ.2.2D
Content and presentation elements
APE_OBJ.2.1C
APE_OBJ.2.2C <\/td>\n<\/tr>\n
49<\/td>\nAPE_OBJ.2.3C
APE_OBJ.2.4C
APE_OBJ.2.5C
APE_OBJ.2.6C
Evaluator action elements
APE_OBJ.2.1E
Extended components definition (APE_ECD)
Objectives
APE_ECD.1 Extended components definition
Developer action elements
APE_ECD.1.1D
APE_ECD.1.2D
Content and presentation elements
APE_ECD.1.1C <\/td>\n<\/tr>\n
50<\/td>\nAPE_ECD.1.2C
APE_ECD.1.3C
APE_ECD.1.4C
APE_ECD.1.5C
Evaluator action elements
APE_ECD.1.1E
APE_ECD.1.2E
Security requirements (APE_REQ)
Objectives
Component levelling
APE_REQ.1 Stated security requirements
Developer action elements
APE_REQ.1.1D <\/td>\n<\/tr>\n
51<\/td>\nAPE_REQ.1.2D
Content and presentation elements
APE_REQ.1.1C
APE_REQ.1.2C
APE_REQ.1.3C
APE_REQ.1.4C
APE_REQ.1.5C
APE_REQ.1.6C
Evaluator action elements
APE_REQ.1.1E
APE_REQ.2 Derived security requirements
Developer action elements
APE_REQ.2.1D
APE_REQ.2.2D <\/td>\n<\/tr>\n
52<\/td>\nContent and presentation elements
APE_REQ.2.1C
APE_REQ.2.2C
APE_REQ.2.3C
APE_REQ.2.4C
APE_REQ.2.5C
APE_REQ.2.6C
APE_REQ.2.7C
APE_REQ.2.8C
APE_REQ.2.9C
Evaluator action elements
APE_REQ.2.1E
Class ASE: Security Target evaluation <\/td>\n<\/tr>\n
53<\/td>\nST introduction (ASE_INT)
Objectives
ASE_INT.1 ST introduction
Developer action elements
ASE_INT.1.1D
Content and presentation elements
ASE_INT.1.1C <\/td>\n<\/tr>\n
54<\/td>\nASE_INT.1.2C
ASE_INT.1.3C
ASE_INT.1.4C
ASE_INT.1.5C
ASE_INT.1.6C
ASE_INT.1.7C
ASE_INT.1.8C
Evaluator action elements
ASE_INT.1.1E
ASE_INT.1.2E
Conformance claims (ASE_CCL)
Objectives
ASE_CCL.1 Conformance claims <\/td>\n<\/tr>\n
55<\/td>\nDeveloper action elements
ASE_CCL.1.1D
ASE_CCL.1.2D
Content and presentation elements
ASE_CCL.1.1C
ASE_CCL.1.2C
ASE_CCL.1.3C
ASE_CCL.1.4C
ASE_CCL.1.5C
ASE_CCL.1.6C
ASE_CCL.1.7C
ASE_CCL.1.8C
ASE_CCL.1.9C <\/td>\n<\/tr>\n
56<\/td>\nASE_CCL.1.10C
Evaluator action elements
ASE_CCL.1.1E
Security problem definition (ASE_SPD)
Objectives
ASE_SPD.1 Security problem definition
Developer action elements
ASE_SPD.1.1D
Content and presentation elements
ASE_SPD.1.1C
ASE_SPD.1.2C
ASE_SPD.1.3C
ASE_SPD.1.4C
Evaluator action elements
ASE_SPD.1.1E <\/td>\n<\/tr>\n
57<\/td>\nSecurity objectives (ASE_OBJ)
Objectives
Component levelling
ASE_OBJ.1 Security objectives for the operational environmen
Developer action elements
ASE_OBJ.1.1D
Content and presentation elements
ASE_OBJ.1.1C
Evaluator action elements
ASE_OBJ.1.1E
ASE_OBJ.2 Security objectives
Developer action elements
ASE_OBJ.2.1D
ASE_OBJ.2.2D <\/td>\n<\/tr>\n
58<\/td>\nContent and presentation elements
ASE_OBJ.2.1C
ASE_OBJ.2.2C
ASE_OBJ.2.3C
ASE_OBJ.2.4C
ASE_OBJ.2.5C
ASE_OBJ.2.6C
Evaluator action elements
ASE_OBJ.2.1E
Extended components definition (ASE_ECD)
Objectives
ASE_ECD.1 Extended components definition
Developer action elements
ASE_ECD.1.1D <\/td>\n<\/tr>\n
59<\/td>\nASE_ECD.1.2D
Content and presentation elements
ASE_ECD.1.1C
ASE_ECD.1.2C
ASE_ECD.1.3C
ASE_ECD.1.4C
ASE_ECD.1.5C
Evaluator action elements
ASE_ECD.1.1E
ASE_ECD.1.2E
Security requirements (ASE_REQ)
Objectives
Component levelling <\/td>\n<\/tr>\n
60<\/td>\nASE_REQ.1 Stated security requirements
Developer action elements
ASE_REQ.1.1D
ASE_REQ.1.2D
Content and presentation elements
ASE_REQ.1.1C
ASE_REQ.1.2C
ASE_REQ.1.3C
ASE_REQ.1.4C
ASE_REQ.1.5C
ASE_REQ.1.6C
Evaluator action elements
ASE_REQ.1.1E
ASE_REQ.2 Derived security requirements <\/td>\n<\/tr>\n
61<\/td>\nDeveloper action elements
ASE_REQ.2.1D
ASE_REQ.2.2D
Content and presentation elements
ASE_REQ.2.1C
ASE_REQ.2.2C
ASE_REQ.2.3C
ASE_REQ.2.4C
ASE_REQ.2.5C
ASE_REQ.2.6C
ASE_REQ.2.7C
ASE_REQ.2.8C
ASE_REQ.2.9C
Evaluator action elements
ASE_REQ.2.1E <\/td>\n<\/tr>\n
62<\/td>\nTOE summary specification (ASE_TSS)
Objectives
Component levelling
ASE_TSS.1 TOE summary specification
Developer action elements
ASE_TSS.1.1D
Content and presentation elements
ASE_TSS.1.1C
Evaluator action elements
ASE_TSS.1.1E
ASE_TSS.1.2E <\/td>\n<\/tr>\n
63<\/td>\nASE_TSS.2 TOE summary specification with architectural desig
Developer action elements
ASE_TSS.2.1D
Content and presentation elements
ASE_TSS.2.1C
ASE_TSS.2.2C
ASE_TSS.2.3C
Evaluator action elements
ASE_TSS.2.1E
ASE_TSS.2.2E <\/td>\n<\/tr>\n
64<\/td>\nClass ADV: Development <\/td>\n<\/tr>\n
68<\/td>\nSecurity Architecture (ADV_ARC)
Objectives
Component levelling
Application notes <\/td>\n<\/tr>\n
69<\/td>\nADV_ARC.1 Security architecture description
Developer action elements
ADV_ARC.1.1D
ADV_ARC.1.2D
ADV_ARC.1.3D
Content and presentation elements
ADV_ARC.1.1C
ADV_ARC.1.2C
ADV_ARC.1.3C
ADV_ARC.1.4C
ADV_ARC.1.5C <\/td>\n<\/tr>\n
70<\/td>\nEvaluator action elements
ADV_ARC.1.1E
Functional specification (ADV_FSP)
Objectives
Component levelling
Application notes <\/td>\n<\/tr>\n
71<\/td>\nDetail about the Interfaces <\/td>\n<\/tr>\n
72<\/td>\nComponents of this Family
ADV_FSP.1 Basic functional specification
Developer action elements
ADV_FSP.1.1D <\/td>\n<\/tr>\n
73<\/td>\nADV_FSP.1.2D
Content and presentation elements
ADV_FSP.1.1C
ADV_FSP.1.2C
ADV_FSP.1.3C
ADV_FSP.1.4C
Evaluator action elements
ADV_FSP.1.1E
ADV_FSP.1.2E
ADV_FSP.2 Security-enforcing functional specification
Developer action elements
ADV_FSP.2.1D
ADV_FSP.2.2D
Content and presentation elements
ADV_FSP.2.1C <\/td>\n<\/tr>\n
74<\/td>\nADV_FSP.2.2C
ADV_FSP.2.3C
ADV_FSP.2.4C
ADV_FSP.2.5C
ADV_FSP.2.6C
Evaluator action elements
ADV_FSP.2.1E
ADV_FSP.2.2E
ADV_FSP.3 Functional specification with complete summary
Developer action elements
ADV_FSP.3.1D
ADV_FSP.3.2D
Content and presentation elements
ADV_FSP.3.1C
ADV_FSP.3.2C <\/td>\n<\/tr>\n
75<\/td>\nADV_FSP.3.3C
ADV_FSP.3.4C
ADV_FSP.3.5C
ADV_FSP.3.6C
ADV_FSP.3.7C
Evaluator action elements
ADV_FSP.3.1E
ADV_FSP.3.2E
ADV_FSP.4 Complete functional specification
Developer action elements
ADV_FSP.4.1D
ADV_FSP.4.2D
Content and presentation elements
ADV_FSP.4.1C
ADV_FSP.4.2C <\/td>\n<\/tr>\n
76<\/td>\nADV_FSP.4.3C
ADV_FSP.4.4C
ADV_FSP.4.5C
ADV_FSP.4.6C
Evaluator action elements
ADV_FSP.4.1E
ADV_FSP.4.2E
ADV_FSP.5 Complete semi-formal functional specification with
Developer action elements
ADV_FSP.5.1D
ADV_FSP.5.2D
Content and presentation elements
ADV_FSP.5.1C
ADV_FSP.5.2C
ADV_FSP.5.3C <\/td>\n<\/tr>\n
77<\/td>\nADV_FSP.5.4C
ADV_FSP.5.5C
ADV_FSP.5.6C
ADV_FSP.5.7C
ADV_FSP.5.8C
ADV_FSP.5.9C
Evaluator action elements
ADV_FSP.5.1E
ADV_FSP.5.2E
ADV_FSP.6 Complete semi-formal functional specification with
Developer action elements
ADV_FSP.6.1D
ADV_FSP.6.2D
ADV_FSP.6.3D <\/td>\n<\/tr>\n
78<\/td>\nContent and presentation elements
ADV_FSP.6.1C
ADV_FSP.6.2C
ADV_FSP.6.3C
ADV_FSP.6.4C
ADV_FSP.6.5C
ADV_FSP.6.6C
ADV_FSP.6.7C
ADV_FSP.6.8C
ADV_FSP.6.9C
ADV_FSP.6.10C
Evaluator action elements
ADV_FSP.6.1E
ADV_FSP.6.2E <\/td>\n<\/tr>\n
79<\/td>\nImplementation representation (ADV_IMP)
Objectives
Component levelling
Application notes <\/td>\n<\/tr>\n
80<\/td>\nADV_IMP.1 Implementation representation of the TSF
Developer action elements
ADV_IMP.1.1D
ADV_IMP.1.2D
Content and presentation elements
ADV_IMP.1.1C
ADV_IMP.1.2C
ADV_IMP.1.3C
Evaluator action elements
ADV_IMP.1.1E
ADV_IMP.2 Complete mapping of the implementation representat <\/td>\n<\/tr>\n
81<\/td>\nDeveloper action elements
ADV_IMP.2.1D
ADV_IMP.2.2D
Content and presentation elements
ADV_IMP.2.1C
ADV_IMP.2.2C
ADV_IMP.2.3C
Evaluator action elements
ADV_IMP.2.1E
TSF internals (ADV_INT)
Objectives
Component levelling
Application notes <\/td>\n<\/tr>\n
82<\/td>\nADV_INT.1 Well-structured subset of TSF internals
Objectives
Application notes
Developer action elements
ADV_INT.1.1D
ADV_INT.1.2D
Content and presentation elements
ADV_INT.1.1C <\/td>\n<\/tr>\n
83<\/td>\nADV_INT.1.2C
Evaluator action elements
ADV_INT.1.1E
ADV_INT.1.2E
ADV_INT.2 Well-structured internals
Objectives
Application notes
Developer action elements
ADV_INT.2.1D
ADV_INT.2.2D
Content and presentation elements
ADV_INT.2.1C
ADV_INT.2.2C <\/td>\n<\/tr>\n
84<\/td>\nEvaluator action elements
ADV_INT.2.1E
ADV_INT.2.2E
ADV_INT.3 Minimally complex internals
Objectives
Application notes
Developer action elements
ADV_INT.3.1D
ADV_INT.3.2D
Content and presentation elements
ADV_INT.3.1C
ADV_INT.3.2C
Evaluator action elements
ADV_INT.3.1E <\/td>\n<\/tr>\n
85<\/td>\nADV_INT.3.2E
Security policy modelling (ADV_SPM)
Objectives
Component levelling
Application notes <\/td>\n<\/tr>\n
86<\/td>\nADV_SPM.1 Formal TOE security policy model
Developer action elements
ADV_SPM.1.1D
ADV_SPM.1.2D
ADV_SPM.1.3D
ADV_SPM.1.4D
Content and presentation elements
ADV_SPM.1.1C
ADV_SPM.1.2C
ADV_SPM.1.3C
ADV_SPM.1.4C <\/td>\n<\/tr>\n
87<\/td>\nEvaluator action elements
ADV_SPM.1.1E
TOE design (ADV_TDS)
Objectives
Component levelling
Application notes <\/td>\n<\/tr>\n
88<\/td>\nDetail about the Subsystems and Modules
ADV_TDS.1 Basic design
Developer action elements
ADV_TDS.1.1D
ADV_TDS.1.2D <\/td>\n<\/tr>\n
89<\/td>\nContent and presentation elements
ADV_TDS.1.1C
ADV_TDS.1.2C
ADV_TDS.1.3C
ADV_TDS.1.4C
ADV_TDS.1.5C
ADV_TDS.1.6C
Evaluator action elements
ADV_TDS.1.1E
ADV_TDS.1.2E
ADV_TDS.2 Architectural design
Developer action elements
ADV_TDS.2.1D
ADV_TDS.2.2D <\/td>\n<\/tr>\n
90<\/td>\nContent and presentation elements
ADV_TDS.2.1C
ADV_TDS.2.2C
ADV_TDS.2.3C
ADV_TDS.2.4C
ADV_TDS.2.5C
ADV_TDS.2.6C
ADV_TDS.2.7C
ADV_TDS.2.8C
Evaluator action elements
ADV_TDS.2.1E
ADV_TDS.2.2E
ADV_TDS.3 Basic modular design
Developer action elements
ADV_TDS.3.1D <\/td>\n<\/tr>\n
91<\/td>\nADV_TDS.3.2D
Content and presentation elements
ADV_TDS.3.1C
ADV_TDS.3.2C
ADV_TDS.3.3C
ADV_TDS.3.4C
ADV_TDS.3.5C
ADV_TDS.3.6C
ADV_TDS.3.7C
ADV_TDS.3.8C
ADV_TDS.3.9C
ADV_TDS.3.10C
Evaluator action elements
ADV_TDS.3.1E <\/td>\n<\/tr>\n
92<\/td>\nADV_TDS.3.2E
ADV_TDS.4 Semiformal modular design
Developer action elements
ADV_TDS.4.1D
ADV_TDS.4.2D
Content and presentation elements
ADV_TDS.4.1C
ADV_TDS.4.2C
ADV_TDS.4.3C
ADV_TDS.4.4C
ADV_TDS.4.5C
ADV_TDS.4.6C
ADV_TDS.4.7C
ADV_TDS.4.8C <\/td>\n<\/tr>\n
93<\/td>\nADV_TDS.4.9C
ADV_TDS.4.10C
Evaluator action elements
ADV_TDS.4.1E
ADV_TDS.4.2E
ADV_TDS.5 Complete semiformal modular design
Developer action elements
ADV_TDS.5.1D
ADV_TDS.5.2D
Content and presentation elements
ADV_TDS.5.1C
ADV_TDS.5.2C
ADV_TDS.5.3C
ADV_TDS.5.4C <\/td>\n<\/tr>\n
94<\/td>\nADV_TDS.5.5C
ADV_TDS.5.6C
ADV_TDS.5.7C
ADV_TDS.5.8C
Evaluator action elements
ADV_TDS.5.1E
ADV_TDS.5.2E
ADV_TDS.6 Complete semiformal modular design with formal hig
Developer action elements
ADV_TDS.6.1D
ADV_TDS.6.2D
ADV_TDS.6.3D
ADV_TDS.6.4D <\/td>\n<\/tr>\n
95<\/td>\nContent and presentation elements
ADV_TDS.6.1C
ADV_TDS.6.2C
ADV_TDS.6.3C
ADV_TDS.6.4C
ADV_TDS.6.5C
ADV_TDS.6.6C
ADV_TDS.6.7C
ADV_TDS.6.8C
ADV_TDS.6.9C
ADV_TDS.6.10C
Evaluator action elements
ADV_TDS.6.1E <\/td>\n<\/tr>\n
96<\/td>\nADV_TDS.6.2E
Class AGD: Guidance documents
Operational user guidance (AGD_OPE)
Objectives <\/td>\n<\/tr>\n
97<\/td>\nComponent levelling
Application notes
AGD_OPE.1 Operational user guidance
Developer action elements
AGD_OPE.1.1D
Content and presentation elements
AGD_OPE.1.1C
AGD_OPE.1.2C <\/td>\n<\/tr>\n
98<\/td>\nAGD_OPE.1.3C
AGD_OPE.1.4C
AGD_OPE.1.5C
AGD_OPE.1.6C
AGD_OPE.1.7C
Evaluator action elements
AGD_OPE.1.1E
Preparative procedures (AGD_PRE)
Objectives
Component levelling
Application notes <\/td>\n<\/tr>\n
99<\/td>\nAGD_PRE.1 Preparative procedures
Developer action elements
AGD_PRE.1.1D
Content and presentation elements
AGD_PRE.1.1C
AGD_PRE.1.2C
Evaluator action elements
AGD_PRE.1.1E
AGD_PRE.1.2E
Class ALC: Life-cycle support <\/td>\n<\/tr>\n
100<\/td>\nCM capabilities (ALC_CMC)
Objectives <\/td>\n<\/tr>\n
101<\/td>\nComponent levelling
Application notes
ALC_CMC.1 Labelling of the TOE
Objectives <\/td>\n<\/tr>\n
102<\/td>\nDeveloper action elements
ALC_CMC.1.1D
Content and presentation elements
ALC_CMC.1.1C
Evaluator action elements
ALC_CMC.1.1E
ALC_CMC.2 Use of a CM system
Objectives
Developer action elements
ALC_CMC.2.1D
ALC_CMC.2.2D
ALC_CMC.2.3D
Content and presentation elements
ALC_CMC.2.1C
ALC_CMC.2.2C <\/td>\n<\/tr>\n
103<\/td>\nALC_CMC.2.3C
Evaluator action elements
ALC_CMC.2.1E
ALC_CMC.3 Authorisation controls
Objectives
Developer action elements
ALC_CMC.3.1D
ALC_CMC.3.2D
ALC_CMC.3.3D
Content and presentation elements
ALC_CMC.3.1C
ALC_CMC.3.2C <\/td>\n<\/tr>\n
104<\/td>\nALC_CMC.3.3C
ALC_CMC.3.4C
ALC_CMC.3.5C
ALC_CMC.3.6C
ALC_CMC.3.7C
ALC_CMC.3.8C
Evaluator action elements
ALC_CMC.3.1E
ALC_CMC.4 Production support, acceptance procedures and auto
Objectives <\/td>\n<\/tr>\n
105<\/td>\nDeveloper action elements
ALC_CMC.4.1D
ALC_CMC.4.2D
ALC_CMC.4.3D
Content and presentation elements
ALC_CMC.4.1C
ALC_CMC.4.2C
ALC_CMC.4.3C
ALC_CMC.4.4C
ALC_CMC.4.5C
ALC_CMC.4.6C
ALC_CMC.4.7C <\/td>\n<\/tr>\n
106<\/td>\nALC_CMC.4.8C
ALC_CMC.4.9C
ALC_CMC.4.10C
Evaluator action elements
ALC_CMC.4.1E
ALC_CMC.5 Advanced support
Objectives <\/td>\n<\/tr>\n
107<\/td>\nDeveloper action elements
ALC_CMC.5.1D
ALC_CMC.5.2D
ALC_CMC.5.3D
Content and presentation elements
ALC_CMC.5.1C
ALC_CMC.5.2C
ALC_CMC.5.3C
ALC_CMC.5.4C
ALC_CMC.5.5C
ALC_CMC.5.6C
ALC_CMC.5.7C
ALC_CMC.5.8C <\/td>\n<\/tr>\n
108<\/td>\nALC_CMC.5.9C
ALC_CMC.5.10C
ALC_CMC.5.11C
ALC_CMC.5.12C
ALC_CMC.5.13C
ALC_CMC.5.14C
ALC_CMC.5.15C
ALC_CMC.5.16C
Evaluator action elements
ALC_CMC.5.1E
ALC_CMC.5.2E
CM scope (ALC_CMS)
Objectives <\/td>\n<\/tr>\n
109<\/td>\nComponent levelling
Application notes
ALC_CMS.1 TOE CM coverage
Objectives
Application notes
Developer action elements
ALC_CMS.1.1D
Content and presentation elements
ALC_CMS.1.1C
ALC_CMS.1.2C
Evaluator action elements
ALC_CMS.1.1E
ALC_CMS.2 Parts of the TOE CM coverage <\/td>\n<\/tr>\n
110<\/td>\nObjectives
Application notes
Developer action elements
ALC_CMS.2.1D
Content and presentation elements
ALC_CMS.2.1C
ALC_CMS.2.2C
ALC_CMS.2.3C
Evaluator action elements
ALC_CMS.2.1E
ALC_CMS.3 Implementation representation CM coverage
Objectives <\/td>\n<\/tr>\n
111<\/td>\nApplication notes
Developer action elements
ALC_CMS.3.1D
Content and presentation elements
ALC_CMS.3.1C
ALC_CMS.3.2C
ALC_CMS.3.3C
Evaluator action elements
ALC_CMS.3.1E
ALC_CMS.4 Problem tracking CM coverage
Objectives
Application notes
Developer action elements
ALC_CMS.4.1D <\/td>\n<\/tr>\n
112<\/td>\nContent and presentation elements
ALC_CMS.4.1C
ALC_CMS.4.2C
ALC_CMS.4.3C
Evaluator action elements
ALC_CMS.4.1E
ALC_CMS.5 Development tools CM coverage
Objectives
Application notes
Developer action elements
ALC_CMS.5.1D <\/td>\n<\/tr>\n
113<\/td>\nContent and presentation elements
ALC_CMS.5.1C
ALC_CMS.5.2C
ALC_CMS.5.3C
Evaluator action elements
ALC_CMS.5.1E
Delivery (ALC_DEL)
Objectives
Component levelling
Application notes <\/td>\n<\/tr>\n
114<\/td>\nALC_DEL.1 Delivery procedures
Developer action elements
ALC_DEL.1.1D
ALC_DEL.1.2D
Content and presentation elements
ALC_DEL.1.1C
Evaluator action elements
ALC_DEL.1.1E
Development security (ALC_DVS)
Objectives
Component levelling
Application notes <\/td>\n<\/tr>\n
115<\/td>\nALC_DVS.1 Identification of security measures
Developer action elements
ALC_DVS.1.1D
Content and presentation elements
ALC_DVS.1.1C
Evaluator action elements
ALC_DVS.1.1E
ALC_DVS.1.2E
ALC_DVS.2 Sufficiency of security measures
Developer action elements
ALC_DVS.2.1D
Content and presentation elements
ALC_DVS.2.1C <\/td>\n<\/tr>\n
116<\/td>\nALC_DVS.2.2C
Evaluator action elements
ALC_DVS.2.1E
ALC_DVS.2.2E
Flaw remediation (ALC_FLR)
Objectives
Component levelling
Application notes
ALC_FLR.1 Basic flaw remediation <\/td>\n<\/tr>\n
117<\/td>\nDeveloper action elements
ALC_FLR.1.1D
Content and presentation elements
ALC_FLR.1.1C
ALC_FLR.1.2C
ALC_FLR.1.3C
ALC_FLR.1.4C
Evaluator action elements
ALC_FLR.1.1E
ALC_FLR.2 Flaw reporting procedures
Objectives
Developer action elements
ALC_FLR.2.1D
ALC_FLR.2.2D <\/td>\n<\/tr>\n
118<\/td>\nALC_FLR.2.3D
Content and presentation elements
ALC_FLR.2.1C
ALC_FLR.2.2C
ALC_FLR.2.3C
ALC_FLR.2.4C
ALC_FLR.2.5C
ALC_FLR.2.6C
ALC_FLR.2.7C
ALC_FLR.2.8C
Evaluator action elements
ALC_FLR.2.1E
ALC_FLR.3 Systematic flaw remediation <\/td>\n<\/tr>\n
119<\/td>\nObjectives
Developer action elements
ALC_FLR.3.1D
ALC_FLR.3.2D
ALC_FLR.3.3D
Content and presentation elements
ALC_FLR.3.1C
ALC_FLR.3.2C
ALC_FLR.3.3C
ALC_FLR.3.4C
ALC_FLR.3.5C
ALC_FLR.3.6C <\/td>\n<\/tr>\n
120<\/td>\nALC_FLR.3.7C
ALC_FLR.3.8C
ALC_FLR.3.9C
ALC_FLR.3.10C
ALC_FLR.3.11C
Evaluator action elements
ALC_FLR.3.1E
Life-cycle definition (ALC_LCD)
Objectives
Component levelling
Application notes <\/td>\n<\/tr>\n
121<\/td>\nALC_LCD.1 Developer defined life-cycle model
Developer action elements
ALC_LCD.1.1D
ALC_LCD.1.2D
Content and presentation elements
ALC_LCD.1.1C
ALC_LCD.1.2C
Evaluator action elements
ALC_LCD.1.1E <\/td>\n<\/tr>\n
122<\/td>\nALC_LCD.2 Measurable life-cycle model
Developer action elements
ALC_LCD.2.1D
ALC_LCD.2.2D
ALC_LCD.2.3D
ALC_LCD.2.4D
Content and presentation elements
ALC_LCD.2.1C
ALC_LCD.2.2C
ALC_LCD.2.3C
Evaluator action elements
ALC_LCD.2.1E
Tools and techniques (ALC_TAT)
Objectives <\/td>\n<\/tr>\n
123<\/td>\nComponent levelling
Application notes
ALC_TAT.1 Well-defined development tools
Developer action elements
ALC_TAT.1.1D
ALC_TAT.1.2D
Content and presentation elements
ALC_TAT.1.1C
ALC_TAT.1.2C
ALC_TAT.1.3C <\/td>\n<\/tr>\n
124<\/td>\nEvaluator action elements
ALC_TAT.1.1E
ALC_TAT.2 Compliance with implementation standards
Developer action elements
ALC_TAT.2.1D
ALC_TAT.2.2D
ALC_TAT.2.3D
Content and presentation elements
ALC_TAT.2.1C
ALC_TAT.2.2C
ALC_TAT.2.3C
Evaluator action elements
ALC_TAT.2.1E
ALC_TAT.2.2E
ALC_TAT.3 Compliance with implementation standards – all par <\/td>\n<\/tr>\n
125<\/td>\nDeveloper action elements
ALC_TAT.3.1D
ALC_TAT.3.2D
ALC_TAT.3.3D
Content and presentation elements
ALC_TAT.3.1C
ALC_TAT.3.2C
ALC_TAT.3.3C
Evaluator action elements
ALC_TAT.3.1E
ALC_TAT.3.2E
Class ATE: Tests <\/td>\n<\/tr>\n
126<\/td>\nCoverage (ATE_COV)
Objectives
Component levelling
Application notes
ATE_COV.1 Evidence of coverage
Objectives
Application notes
Developer action elements
ATE_COV.1.1D <\/td>\n<\/tr>\n
127<\/td>\nContent and presentation elements
ATE_COV.1.1C
Evaluator action elements
ATE_COV.1.1E
ATE_COV.2 Analysis of coverage
Objectives
Application notes
Developer action elements
ATE_COV.2.1D
Content and presentation elements
ATE_COV.2.1C
ATE_COV.2.2C
Evaluator action elements
ATE_COV.2.1E <\/td>\n<\/tr>\n
128<\/td>\nATE_COV.3 Rigorous analysis of coverage
Objectives
Application notes
Developer action elements
ATE_COV.3.1D
Content and presentation elements
ATE_COV.3.1C
ATE_COV.3.2C
Evaluator action elements
ATE_COV.3.1E
Depth (ATE_DPT)
Objectives <\/td>\n<\/tr>\n
129<\/td>\nComponent levelling
Application notes
ATE_DPT.1 Testing: basic design
Objectives
Developer action elements
ATE_DPT.1.1D
Content and presentation elements
ATE_DPT.1.1C
ATE_DPT.1.2C <\/td>\n<\/tr>\n
130<\/td>\nEvaluator action elements
ATE_DPT.1.1E
ATE_DPT.2 Testing: security enforcing modules
Objectives
Developer action elements
ATE_DPT.2.1D
Content and presentation elements
ATE_DPT.2.1C
ATE_DPT.2.2C
ATE_DPT.2.3C
Evaluator action elements
ATE_DPT.2.1E
ATE_DPT.3 Testing: modular design <\/td>\n<\/tr>\n
131<\/td>\nObjectives
Developer action elements
ATE_DPT.3.1D
Content and presentation elements
ATE_DPT.3.1C
ATE_DPT.3.2C
ATE_DPT.3.3C
Evaluator action elements
ATE_DPT.3.1E
ATE_DPT.4 Testing: implementation representation
Objectives
Developer action elements
ATE_DPT.4.1D <\/td>\n<\/tr>\n
132<\/td>\nContent and presentation elements
ATE_DPT.4.1C
ATE_DPT.4.2C
ATE_DPT.4.3C
ATE_DPT.4.4C
Evaluator action elements
ATE_DPT.4.1E
Functional tests (ATE_FUN)
Objectives
Component levelling
Application notes <\/td>\n<\/tr>\n
133<\/td>\nATE_FUN.1 Functional testing
Objectives
Developer action elements
ATE_FUN.1.1D
ATE_FUN.1.2D
Content and presentation elements
ATE_FUN.1.1C
ATE_FUN.1.2C
ATE_FUN.1.3C
ATE_FUN.1.4C
Evaluator action elements
ATE_FUN.1.1E
ATE_FUN.2 Ordered functional testing
Objectives <\/td>\n<\/tr>\n
134<\/td>\nApplication notes
Developer action elements
ATE_FUN.2.1D
ATE_FUN.2.2D
Content and presentation elements
ATE_FUN.2.1C
ATE_FUN.2.2C
ATE_FUN.2.3C
ATE_FUN.2.4C
ATE_FUN.2.5C
Evaluator action elements
ATE_FUN.2.1E
Independent testing (ATE_IND)
Objectives
Component levelling <\/td>\n<\/tr>\n
135<\/td>\nApplication notes
ATE_IND.1 Independent testing – conformance
Objectives
Application notes <\/td>\n<\/tr>\n
136<\/td>\nDeveloper action elements
ATE_IND.1.1D
Content and presentation elements
ATE_IND.1.1C
Evaluator action elements
ATE_IND.1.1E
ATE_IND.1.2E
ATE_IND.2 Independent testing – sample
Objectives
Application notes <\/td>\n<\/tr>\n
137<\/td>\nDeveloper action elements
ATE_IND.2.1D
Content and presentation elements
ATE_IND.2.1C
ATE_IND.2.2C
Evaluator action elements
ATE_IND.2.1E
ATE_IND.2.2E
ATE_IND.2.3E
ATE_IND.3 Independent testing – complete
Objectives
Application notes <\/td>\n<\/tr>\n
138<\/td>\nDeveloper action elements
ATE_IND.3.1D
Content and presentation elements
ATE_IND.3.1C
ATE_IND.3.2C
Evaluator action elements
ATE_IND.3.1E
ATE_IND.3.2E
ATE_IND.3.3E
Class AVA: Vulnerability assessment
Application notes <\/td>\n<\/tr>\n
139<\/td>\nVulnerability analysis (AVA_VAN)
Objectives
Component levelling
AVA_VAN.1 Vulnerability survey
Objectives <\/td>\n<\/tr>\n
140<\/td>\nDeveloper action elements
AVA_VAN.1.1D
Content and presentation elements
AVA_VAN.1.1C
Evaluator action elements
AVA_VAN.1.1E
AVA_VAN.1.2E
AVA_VAN.1.3E
AVA_VAN.2 Vulnerability analysis
Objectives
Developer action elements
AVA_VAN.2.1D <\/td>\n<\/tr>\n
141<\/td>\nContent and presentation elements
AVA_VAN.2.1C
Evaluator action elements
AVA_VAN.2.1E
AVA_VAN.2.2E
AVA_VAN.2.3E
AVA_VAN.2.4E
AVA_VAN.3 Focused vulnerability analysis
Objectives
Developer action elements
AVA_VAN.3.1D <\/td>\n<\/tr>\n
142<\/td>\nContent and presentation elements
AVA_VAN.3.1C
Evaluator action elements
AVA_VAN.3.1E
AVA_VAN.3.2E
AVA_VAN.3.3E
AVA_VAN.3.4E
AVA_VAN.4 Methodical vulnerability analysis
Objectives
Developer action elements
AVA_VAN.4.1D <\/td>\n<\/tr>\n
143<\/td>\nContent and presentation elements
AVA_VAN.4.1C
Evaluator action elements
AVA_VAN.4.1E
AVA_VAN.4.2E
AVA_VAN.4.3E
AVA_VAN.4.4E
AVA_VAN.5 Advanced methodical vulnerability analysis
Objectives
Developer action elements
AVA_VAN.5.1D <\/td>\n<\/tr>\n
144<\/td>\nContent and presentation elements
AVA_VAN.5.1C
Evaluator action elements
AVA_VAN.5.1E
AVA_VAN.5.2E
AVA_VAN.5.3E
AVA_VAN.5.4E
Class ACO: Composition <\/td>\n<\/tr>\n
146<\/td>\nComposition rationale (ACO_COR)
Objectives
Component levelling <\/td>\n<\/tr>\n
147<\/td>\nACO_COR.1 Composition rationale
Developer action elements
ACO_COR.1.1D
Content and presentation elements
ACO_COR.1.1C
Evaluator action elements
ACO_COR.1.1E
Development evidence (ACO_DEV)
Objectives
Component levelling
Application notes <\/td>\n<\/tr>\n
148<\/td>\nACO_DEV.1 Functional Description
Objectives
Developer action elements
ACO_DEV.1.1D
Content and presentation elements
ACO_DEV.1.1C
ACO_DEV.1.2C
Evaluator action elements
ACO_DEV.1.1E
ACO_DEV.1.2E
ACO_DEV.2 Basic evidence of design <\/td>\n<\/tr>\n
149<\/td>\nObjectives
Developer action elements
ACO_DEV.2.1D
Content and presentation elements
ACO_DEV.2.1C
ACO_DEV.2.2C
ACO_DEV.2.3C
Evaluator action elements
ACO_DEV.2.1E
ACO_DEV.2.2E
ACO_DEV.3 Detailed evidence of design
Objectives <\/td>\n<\/tr>\n
150<\/td>\nDeveloper action elements
ACO_DEV.3.1D
Content and presentation elements
ACO_DEV.3.1C
ACO_DEV.3.2C
ACO_DEV.3.3C
ACO_DEV.3.4C
ACO_DEV.3.5C
Evaluator action elements
ACO_DEV.3.1E
ACO_DEV.3.2E
Reliance of dependent component (ACO_REL)
Objectives <\/td>\n<\/tr>\n
151<\/td>\nComponent levelling
Application notes
ACO_REL.1 Basic reliance information
Developer action elements
ACO_REL.1.1D
Content and presentation elements
ACO_REL.1.1C
ACO_REL.1.2C
ACO_REL.1.3C
Evaluator action elements
ACO_REL.1.1E <\/td>\n<\/tr>\n
152<\/td>\nACO_REL.2 Reliance information
Developer action elements
ACO_REL.2.1D
Content and presentation elements
ACO_REL.2.1C
ACO_REL.2.2C
ACO_REL.2.3C
ACO_REL.2.4C
Evaluator action elements
ACO_REL.2.1E
Composed TOE testing (ACO_CTT)
Objectives
Component levelling
Application notes <\/td>\n<\/tr>\n
153<\/td>\nACO_CTT.1 Interface testing
Objectives
Developer action elements
ACO_CTT.1.1D
ACO_CTT.1.2D
ACO_CTT.1.3D
ACO_CTT.1.4D <\/td>\n<\/tr>\n
154<\/td>\nContent and presentation elements
ACO_CTT.1.1C
ACO_CTT.1.2C
ACO_CTT.1.3C
ACO_CTT.1.4C
Evaluator action elements
ACO_CTT.1.1E
ACO_CTT.1.2E
ACO_CTT.1.3E
ACO_CTT.2 Rigorous interface testing
Objectives
Developer action elements
ACO_CTT.2.1D
ACO_CTT.2.2D <\/td>\n<\/tr>\n
155<\/td>\nACO_CTT.2.3D
ACO_CTT.2.4D
Content and presentation elements
ACO_CTT.2.1C
ACO_CTT.2.2C
ACO_CTT.2.3C
ACO_CTT.2.4C
Evaluator action elements
ACO_CTT.2.1E
ACO_CTT.2.2E
ACO_CTT.2.3E
Composition vulnerability analysis (ACO_VUL)
Objectives
Component levelling <\/td>\n<\/tr>\n
156<\/td>\nApplication notes
ACO_VUL.1 Composition vulnerability review
Developer action elements
ACO_VUL.1.1D
Content and presentation elements
ACO_VUL.1.1C
Evaluator action elements
ACO_VUL.1.1E
ACO_VUL.1.2E
ACO_VUL.1.3E <\/td>\n<\/tr>\n
157<\/td>\nACO_VUL.1.4E
ACO_VUL.2 Composition vulnerability analysis
Developer action elements
ACO_VUL.2.1D
Content and presentation elements
ACO_VUL.2.1C
Evaluator action elements
ACO_VUL.2.1E
ACO_VUL.2.2E
ACO_VUL.2.3E
ACO_VUL.2.4E
ACO_VUL.2.5E
ACO_VUL.3 Enhanced-Basic Composition vulnerability analysis
Developer action elements
ACO_VUL.3.1D <\/td>\n<\/tr>\n
158<\/td>\nContent and presentation elements
ACO_VUL.3.1C
Evaluator action elements
ACO_VUL.3.1E
ACO_VUL.3.2E
ACO_VUL.3.3E
ACO_VUL.3.4E
ACO_VUL.3.5E <\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":"

Information technology. Security techniques. Evaluation criteria for IT security – Security assurance components<\/b><\/p>\n\n\n\n\n
Published By<\/td>\nPublication Date<\/td>\nNumber of Pages<\/td>\n<\/tr>\n
BSI<\/b><\/a><\/td>\n2020<\/td>\n192<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"featured_media":350601,"template":"","meta":{"rank_math_lock_modified_date":false,"ep_exclude_from_search":false},"product_cat":[2641],"product_tag":[],"class_list":{"0":"post-350594","1":"product","2":"type-product","3":"status-publish","4":"has-post-thumbnail","6":"product_cat-bsi","8":"first","9":"instock","10":"sold-individually","11":"shipping-taxable","12":"purchasable","13":"product-type-simple"},"_links":{"self":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product\/350594","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product"}],"about":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/types\/product"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media\/350601"}],"wp:attachment":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media?parent=350594"}],"wp:term":[{"taxonomy":"product_cat","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_cat?post=350594"},{"taxonomy":"product_tag","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_tag?post=350594"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}