NIAP: Assurance Continuity
  NIAP  »»  Product Compliant List  »»  Product Entry  »»  Assurance Continuity  
Assurance Continuity - Curtiss-Wright Defense Solutions Data Transport System 1-Slot Software Encryption Layer

CC Certificate [PDF] Validation Report [PDF] Assurance Activity [PDF]

Administrative Guide [PDF]

Please note:  The above files are for the Original Evaluated TOE.  Consequently, they do not refer to this maintained version, although they apply to the maintained version. 

Security Target [PDF] * Assurance Continuity Maintenance Report [PDF] Administrative Guide [PDF]

Please note:  This serves as an addendum to the VR for the Original Evaluated TOE. 

* This is the Security Target (ST) associated with this latest Maintenance Release.  To view previous STs for this TOE, click here.

Readers are reminded that the certification of this product (TOE) is the result of maintenance, rather than an actual re-evaluation of the product.  Maintenance only considers the affect of TOE changes on the assurance baseline (i.e. the original evaluated TOE); maintenance is not intended to provide assurance in regard to the resistance of the TOE to new vulnerabilities or attack methods discovered since the date of the initial certificate.  Such assurance can only be gained through re-evaluation. 

Using a security impact analysis of the changes made to the TOE, which was provided by the developer, the CCEVS has determined that the impact of changes on the TOE are considered minor and that independent evaluator analysis was not necessary.  A summary of the results can be found in the Maintenance Report, which is written in relation to the product's original validation report and Security Target.  Readers are therefore reminded to read the Security Target, Validation Report, and the Assurance Maintenance Report to fully understand the meaning of what a maintained certificate represents. 

Product Description

The following table presents the changes incorporated into the TOE For each change, a description is provided and an analysis as to why it is not a major change.

Change Description

Security Analysis

Fix to prevent accidental cmkey –zpsk operation (requires crypto firmware version 5.2 or later)

Added extra error checking to the interaction between the layers.  There exists a checksum of the payload being sent from the S/W layer to the H/W layer.  In previous versions, the command byte was not being included in this calculation.  If a bit error occurred on the I2C bus, then instead of one command (updating the sensors) it would then perform a zeroize PSK command. This is an added function and no SFRs are directly impacted by this change.

Fix error reporting in cmkey and cmlogin

This is an error reporting clarification issue and not directly related to any claimed SFR.

Add the cmlog command             


Auditing is not an evaluated function

Fix for rmcctl –wipe to be allowed when boot flash is write protected

This is a bug fix where the customer couldn’t wipe the RMC configuration if the write protect switch was enabled.  For example, if the customer configured the RMC with 4 partitions and wanted to re-configure the RMC with 2 partitions, they would need to run the `--wipe` command first to change from 4 to 2 partitions.  The customer could always wipe the drive but this allows more flexibility. 

Fix sens -p issues

The sens command is health test related.  This fixes a display error and no SFRs are directly impacted by this change.

Fix rmcpurge issue where missing functions were reported when purging an actively mounted software image

This is an error reporting issue and not directly related to any claimed SFR.

Update iSCSI feature to support iSCSI target exports of SW Encrypted drives and SW Encrypted partitions

Fixed software bug in iSCSI export routine not directly related to any claimed SFR.

Fix cmkey issues where the HMAC wasn’t being written to RMC with the          --force option

This is just a change to the command line interface options.  The documented and evaluated process works as described. Additional options have been added.

Fix cmkey key loaded status

This is a status reporting clarification issue and not directly related to any claimed SFR

Fix issue with nfsctl

Fixed software bug related to nfsctl CLI arguments not directly related to any claimed SFR

These changes were software bug fixes, addition of error/bound checking and reporting, and changes to command line interface options. No SFRs are directly impacted by an added function, added flexibility, or software bug fixes.

Vendor Information

Robin Lamb
Site Map              Contact Us              Home