Archived TD0026: Update to FPT_TUD_EXT.1
PP_ND_V1.1, requirement FPT_TUD_EXT.1
FPT_TUD_EXT.1 as currently written has a test Assurance Activity that instructs the evaluator to verify that the TOE rejects an illegitimate update. This does not allow for the case where the administrator follows the instructions in the operational guidance and rejects an illegitimate update.
The Test 2 Assurance Activity should be rewritten as follows:
The intent of this requirement is that either the TOE rejects the corrupt update without any administrator intervention or the TOE detects a corrupt update and the administrator is instructed by the operational guidance to reject the update. The modification adds the option for administrator intervention.