NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
Archived TD0310:  FIT Technical Decision for Firmware Update Authentication

Publication Date
2018.04.17

Protection Profiles
CPP_FDE_EE_V2.0

Other References
FPT_FUA_EXT.1

Issue Description

The FIT has issued a Technical Decision for Firmware Update Authentication.

Resolution

The following is added to FDE  EE cPP V2.0 Appendix F: Glossary:

Root of Trust for Update

An RTV that verifies the integrity and authenticity of an update payload before initiating the update process.

Root of Trust for Verification

An RoT that verifies an integrity measurement against a policy.

The following is added to FDE  EE cPP V2.0 Appendix G: Acronyms:

RTU Root of Trust for Update

RTV Root of Trust for Verification

RoT Root of Trust

The Application Note in FDE  EE cPP V2.0 for FPT_FUA_EXT.1.3 is changed to:

The firmware portion of TSF (e.g., RTU (key store and the signature verification algorithm)) shall be stored in a write protected area on the TOE. The firmware shall only be modifiable in a post-manufacturing state using the authenticated update mechanism described in FPT_FUA_EXT.1. The TSF is modifiable only by using the mechanisms specified in FPT_TUD_EXT.

For further information, please see the FIT interpretation here: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/FITDecision201802.pdf

Justification

See issue description.

 
 
Site Map              Contact Us              Home