TD0018: Removal of FPT_TST_EXT.1.2(2)
PP_MDM_V1.1, requirement FPT_TST_EXT.1(2)
FPT_TST_EXT.1.2(2) in the MDM PP is more indicative of a MDF PP requirement to ensure system components and installed applications cannot be modified except through authorized updates, rather than something that should be in the MDM PP.
FPT_TST_EXT.1.2(2) and all applicable Assurance Activities should be removed from the MDM PP. The modified FPT_TST_EXT.1(2) should read as follows:
FPT_TST_EXT.1(2): TSF Testing
FPT_TST_EXT.1.1(2) The [selection: MDM Agent, MDM Agent platform] shall run a suite of self tests during initial start-up (on power on) to demonstrate correct operation of the MDM Agent.
While the TOE is typically a software package running in the IT Environment, it is still capable of performing the self-test activities required above. It should be understood, however, that there is a significant dependency on the host environment in assessing the assurance provided by the tests mentioned above (meaning that if the host environment is compromised, the self tests will not be meaningful).
The evaluator shall examine the TSS to ensure that it details the self tests that are run by the TSF on start-up; this description should include an outline of what the tests are actually doing (e.g., rather than saying "memory is tested", a description similar to "memory is tested by writing a value to each memory location and reading it back to ensure it is identical to what was written" shall be used). The evaluator shall ensure that the TSS makes an argument that the tests are sufficient to demonstrate that the TSF is operating correctly.
This change will be reflected in any updates to this PP or any EPs related to this PP.