![[Public Interpretations Database]](/assets/images/public-interps.jpg){kind=small}
I-0469: What Does "Initial Startup" Mean For FPT_AMT And FPT_TST?
TYPE: Guidance NUMBER: I-0469 STATUS: Sent to CCEVS Management and CCIMB for Review TITLE: What Does "Initial Startup" Mean For FPT_AMT And FPT_TST? MOST RECENT REPOST: [cc-cmt 01249] RELATED TO: <None>
ISSUE:
If a PP/ST selects "during initial startup" in the FPT_AMT or FPT_TST requirement, can that be interpreted as "when the site initially installs the system"?STATEMENT
"Initial start-up" refers to each time the TOE begins execution of the TSF (i.e., "boot"). Only in rare cases (i.e., systems up continuously and never rebooted) is "initial start-up" the same as "initial installation".SUPPORT:
The confusion underlying this arises from the fact that the phrase "startup" has different meanings in ADO_IGS and FPT_AMT. In CC v2.1 Part 3, Section 9.2 paragraph 291 (ADO_IGS, which talks about when the site initially installs the system) says:Installation, generation, and start-up procedures are useful for ensuring that the TOE has been installed, generated, and started up in a secure manner as intended by the developer. The requirements for installation, generation and start-up call for a secure transition from the TOE's implementation representation being under configuration control to its initial operation in the user environment.
This indicates there is a difference between installation and start-up; if the two were identical, only one term would be used.
FMT_AMT does not use "installation", but it does use "start-up". However, it also uses the term "periodically", which seems to apply only while the system was up and running (excluding the installation). It doesn't seem acceptable to equate "periodically" with installation, because it doesn't verify that conditions haven't changed from initial installation.