[Public Interpretations Database]

PD-0152: Internal Inconsistency within the IDS System PP regarding FPT_STM


This decision represents a long-term technical decision based on an OD, and may not be the same as the final results of the source OD. With respect to published criteria documentation and scheme documents, it provides suggested guidance on evaluation direction, but is not authoritative. Authoritative decisions are provided through the published criteria documents and published scheme and international interpretations thereof. With respect to published PPs, PDs are authoritative corrections to the PP, based on input from the PP author (if available), that are in force until the publication of the next revision of that PP.


Effective Date: 2009-06-01
Last Modified: 2009-06-01

Issue

There is an apparent inconsistency in the U.S. Government Protection Profile Intrusion Detection System - System For Medium Robustness Environments. This inconsistency relates to FPT_STM. FPT_STM levies the reliable timestamp requirement on the TOE, whereas the mapped objective (OE.TIME) states that the timestamps shall be provided by the IT environment.

A recent evaluation addressed this inconsistency in the rationale for work unit ASE_TSS.1-1, which states:

Although no description is present in the TSS that describes how the TOE meets FPT_STM.1, there is an application note in ST section 6.1.4.2 which justifies its omission from the TSS. The application note states:

"Application Note: FPT_STM.1 is included in the IDS System PP; however, this contradicts OE.TIME: 'The IT Environment will provide reliable timestamps to the TOE.', which is also part of the IDS System PP. This ST will treat FPT_STM.1 as an IT Environment SFR."

The evaluator has determined this is an expectable solution due to the conflicting justification in the PP that includes FPT_STM.1 as a TOE SFR, yet maps the function to an Objective for the Environment (OE.TIME).

Resolution

The U.S. Government Protection Profile Intrusion Detection System - System For Medium Robustness Environments states in "OE.TIME" that the IT Environment will provide reliable timestamps to the TOE. Therefore, CCEVS agrees that FPT_STM.1 Reliable time stamps should be designated to the IT environment. The PP will be updated to reflect this decision in the next version. In the interim, CCEVS accepts the above application note as an acceptable justification to be placed in a product ST claiming conformance to the U.S. Government Protection Profile Intrusion Detection System - System For Medium Robustness Environments.

Support

A product can comply with the IDS PP and be distinct from an underlying OS. Therefore, the TOE getting the timestamps from the environment was intended to be acceptable, as stated in the objective OE.TIME. The PP shall be updated to remedy the identified inconsistency.

Modification History:

2009-06-01
PD created (April/May 2009 ODRB Meeting, Agenda Item 3.a.iv)

References:

  • None

Related NIs:

  • None

Related CCIMB-INTERPs:

  • None

Source OD: 0284