NIAP: View Technical Decision Details
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
Archived TD0026:  Update to FPT_TUD_EXT.1

Publication Date

Protection Profiles

Other References
PP_ND_V1.1, requirement FPT_TUD_EXT.1

Issue Description

FPT_TUD_EXT.1 as currently written has a test Assurance Activity that instructs the evaluator to verify that the TOE rejects an illegitimate update. This does not allow for the case where the administrator follows the instructions in the operational guidance and rejects an illegitimate update.


The Test 2 Assurance Activity should be rewritten as follows:

  • Test 2: The evaluator performs the version verification activity to determine the current version of the product. The evaluator obtains or produces an illegitimate update, and attempts to install it on the TOE. The evaluator verifies that the TOE either rejects the update without intervention or detects that the update is illegitimate and allows the administrator to reject the update (as specified in the operational guidance).

The intent of this requirement is that either the TOE rejects the corrupt update without any administrator intervention or the TOE detects a corrupt update and the administrator is instructed by the operational guidance to reject the update. The modification adds the option for administrator intervention.

Site Map              Contact Us              Home