![[Public Interpretations Database]](http://www.niap-ccevs.org/assets/images/precedent-db.jpg){kind=small}
PD-0062: What Must Be Tested for an ST Running On Multiple Platforms?
This decision represents a long-term technical decision based on an OD, and may not be the same as the final results of the source OD. With respect to published criteria documentation and scheme documents, it provides suggested guidance on evaluation direction, but is not authoritative. Authoritative decisions are provided through the published criteria documents and published scheme and international interpretations thereof. With respect to published PPs, PDs are authoritative corrections to the PP, based on input from the PP author (if available), that are in force until the publication of the next revision of that PP.
| Effective Date: | 2002-08-13 |
| Last Modified | 2006-08-02 |
Issue
Must all possible valid combinations of hardware base and operating system identified in the ST be tested for a software TOE that can operate on more than one hardware base and/or more than one operating system?
Resolution
Evaluators are entitled to limit the extent of their test configurations (in an attempt to achieve timely and economical evaluations), but must have confidence that all possible configurations enumerated in the ST meet the testing requirements. This may involve the vendor presenting architectural arguments of hardware or software equivalence; results of standardized hardware or software testing; or engineering arguments based on hardware or software design information.
Additionally, if the CC SAR ADO_IGS.1 is included in the ST, then the evaluator is responsible for confirming that the installation, generation, and start-up procedures result in a secure configuration for all configurations specified in the ST. This may involve performing the installation, generation, and start-up procedures on all configurations in order to attain the assurance that they all result in a secure configuration, or performing the actions for a subset of the configurations and providing an argument (in the ETR) for those configurations not "tested".
Support
The CEM, Part 2, Version 1.0, gives some guidance on this issue in work unit ATE_IND.1-1 and the guidance that follows (page 100).
Modification History:
- 2004-08-12
- Updated effective date to reflect the date the PD was issued. (August 2004 NIB 6.c.xiv)
References:
- None
Related NIs:
- None
Related CCIMB-INTERPs:
- None
Source OD: 0141