
I-0459: CM Systems May Have Varying Degrees Of Rigor And Function


TYPE:                 NIAP Interpretation
NUMBER:               I-0459
STATUS:               Approved, Acceptable to CCIMB, CCIMB Interpretation Pending

TITLE:                CM Systems May Have Varying Degrees Of Rigor And Function
SUPERSEDES:
     I-0412           Configuration Items In The Absence Of Configuration Management

EFFECTIVE:            2002-07-19

SOURCE REFERENCE:     CC v2.1 Part 3 Subclause 8.2 ACM_CAP
RELATED TO:
     I-0412           Configuration Items In The Absence Of Configuration Management
     I-0338           Configuration Items In The Absence Of Explicit Scope
CCIMB ENTRY:          CCIMB-INTERP-0238

ISSUE:

The content and presentation of evidence elements introduced at ACM_CAP.2 all deal with uniquely identifying all items that make up the TOE and having their descriptions in a configuration list. This configuration list is contained in the CM documentation, which is required by ACM_CAP.2.3D. However, there are no requirements that formal configuration management (as is implied by the term "CM System") be performed on any of these items. Hence, the use of the term "CM system" creates confusion.

STATEMENT

CM systems may have varying degrees of rigour and function. At the lowest level, a CM system may be a simple configuration list. At the highest level, a CM system may be automated, with flaw remediation, change controls, and other tracking mechanisms.

RECOMMENDED CRITERIA CHANGES

[Note: The changes stated below are ADVISORY ONLY, and represent one approach to addressing the guidance in the statement. Other approaches that achieve the same goal are acceptable.]

To address this interpretation, the following changes are made to CC v2.1 Part 3:

  • Add the following paragraph before paragraph 252:

    CM systems may have varying degrees of rigour and function. At the lowest level, a CM system may be a simple configuration list. At the highest level, a CM system may be automated, with flaw remediation, change controls, and other tracking mechanisms.

SUPPORT:

CCIMB-INTERP-0003 makes changes to ACM_CAP to better define the purpose of a configuration list, and at ACM_CAP.2, implies that the configuration list is identical to a CM system. However, this is not made explicit. This interpretation adds explanatory words clarifying that at the lowest level of function, a CM system may be just a simple configuration list.

2003-07: This was reviewed by the CCIMB, who issued the following interim statement: (RI 238 == I-0459)

The CM system is the procedures for managing the TOE. CM documentation describes the CM system. The intent of RI-238 is agreed upon by the CCIMB, but not the specific approach.

The national interpretation identifies confusion between the terms "CM system", "CM documentation", and "configuration list". After intense discussion, the CCIMB agrees that these terms -- as well as others used throughout ACM -- are inconsistently used and therefore confusing. The CCIMB believes that all of the terms in ACM will have to be revisited and defined precisely, and the whole of ACM updated accordingly. However, rather than waiting for the opportunity to correct the whole of ACM, the CCIMB provides the following as an interim response:

Although the related discussions are still on-going, the CCIMB currently has the general opinion that a "CM system" is the set of procedures and technical means used to identify and maintain control over the TOE. (At its most basic level, a CM system may simply be the means used to identify the items comprising the TOE plus its associated identification method(s); at higher levels, a CM system may include automated tools to aid in the processing, with change control, and other tracking procedures.) The "CM documentation" describes this CM system. The "configuration list" identifies and describes the set of items that are controlled under the CM system. During its discussion, the CCIMB realised there is no unanimous opinion concerning whether the configuration list is part of the CM system (rather than its output), nor a unanimous view on the difference between a non-automated CM system and the CM documentation that describes it.

The national interpretation defines the CM system as being only the configuration list, omitting the crucial element of the associated procedures. Therefore the CCIMB disagrees with the definitions put forth in this national interpretation.

The CCIMB believes, however, that the national interpretation includes the associated procedures within the definition of "CM documentation"; this would result in the total collection of the definitions of these terms in the interpretation being consistent with the view the CCIMB has on the total collection of the terms. That is to say, the CCIMB believes that the national interpretation would be accomplishing the correct overall intent, although the individual terms are not being defined correctly.