[Public Interpretations Database]

PD-0019: Allocation of Requirements in a PP to the Environment


This decision represents a long-term technical decision based on an OD, and may not be the same as the final results of the source OD. With respect to published criteria documentation and scheme documents, it provides suggested guidance on evaluation direction, but is not authoritative. Authoritative decisions are provided through the published criteria documents and published scheme and international interpretations thereof. With respect to published PPs, PDs are authoritative corrections to the PP, based on input from the PP author (if available), that are in force until the publication of the next revision of that PP.


Effective Date: 2002-03-11
Last Modified: 2006-08-02

Issue

Can an ST allocate (fully or partially) functional and/or assurance requirements that are specified in a PP to the environment (i.e., assumptions, IT Environment requirements) and claim conformance to the PP?

Resolution

In order for an ST to claim conformance to a PP, the TOE, specified by the ST, must fully satisfy and conform to the PP's stated TOE security objectives and requirements.

Support

The CC (Part I, C.2.8) is quite clear that, when presenting a claim of PP conformance, the ST author must justify that the PP-stated TOE objectives and requirements are satisfied by the ST-stated TOE objectives and requirements. The PP claim rationale must describe and justify any differences between the ST-stated TOE objectives and requirements and the PP-stated TOE objectives and requirements for which conformance is claimed. It is acceptable for the TOE to have additional objectives or more stringent requirements than those contained in the PP. If the TOE were to have a reduced set of objectives or less stringent requirements, this would indicate an ST that is claiming partial conformance to a PP, and this is clearly not allowed (CC Part I, C.2.8 e)).

The CC is also quite clear that only the TOE security requirements can satisfy the TOE objectives, and the security requirements for the IT environment satisfy the objectives for the environment:

CC Part I, C.2.6 a) states the following:

"The statement of TOE security requirements shall define the functional and assurance security requirements that the TOE and the supporting evidence for its evaluation need to satisfy in order to meet the security objectives for the TOE."

CEM work unit ASE_REQ.1-18 states the following:

"The evaluator shall examine the security requirements rationale to determine that the TOE security requirements are traced back to the security objectives for the TOE."

CEM work unit ASE_REQ.1-19 states the following:

"The evaluator shall examine the security requirements rationale to determine that the security requirements for the IT environment are traced back to the security objectives for the environment."

Modification History:

2004-08-12
Updated effective date to reflect the date the PD was issued. (August 2004 NIB 6.c.xiv)

References:

  • None

Related NIs:

  • None

Related CCIMB-INTERPs:

  • None

Source OD: 0138