NIAP: View Technical Decision Details
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
Archived TD0316:  Update to FPT_TST_EXT.2.1

Publication Date

Protection Profiles

Other References

Issue Description

FPT_TST_EXT.2.1 is defined in both NDcPP v2.0 + Errata 20180314 and VPN GW v2.1. FPT_TST_EXT.2.1 will be renamed in VPN GW v2.1 to FPT_TST_EXT.3.1.


The VPN GW v2.1 EP is modified as follows:

The Application Note for FPT_FLS.1.1/SelfTest is modified as follows:

Application Note: The failures relevant to this requirement are the FPT_TST_EXT.1.1 requirement in the NDcPP/FWcPP and the FPT_TST_EXT.3.1 requirement specified in this EP.

FPT_TST_EXT.2 Extended: TSF Testing is modified as follows:

FPT_TST_EXT.3 Extended: TSF Testing


The TSF shall provide the capability to verify the integrity of stored TSF executable code when it is loaded for execution through the use of the TSF provided cryptographic service specified in

Application Note:
This requirement expands upon the self-test requirements defined in the NDcPP/FWcPP by specifying the method by which one of the self-tests is to be performed. “Stored TSF executable code” refers to the entire software image of the device and not just the code related to the VPN Gateway functionality defined by this EP.

O.FAIL_SECURE Objective mapping is modified as follows:


There may be instances where the TOE’s hardware malfunctions or the integrity of the TOE’s software is compromised, the latter being due to malicious or non-malicious intent. To address the concern of the TOE operating outside of its hardware or software specification, the TOE will shut down upon discovery of a problem reported via the self-test mechanism and provide signature-based validation of updates to the TSF
Addressed by: FPT_FLS.1/SelfTest, FPT_TST_EXT.1, FPT_TST_EXT.3, FPT_TUD_EXT.1


See Issue Description

Site Map              Contact Us              Home