NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems

Short Name: mod_vi_v1.0

Technology Type: Peripheral Switch

CC Version: 3.1

Date: 2019.07.19

Conformance Claim: None

Protection Profile 

Supporting Docs 

PP Configuration for PSD-VI_V1.0 

Control Mapping 

PP Configuration for PSD-KM-VI_V1.0  

PP-Configuration for PSD-AO-KM-UA-VI_V1.0  

PP-Configuration for PSD-AO-VI_V1.0  

PP-Configuration for PSD-AO-KM-VI_V1.0  

PP-Configuration for PSD-KM-UA-VI_V1.0  

PP OVERVIEW

The scope of this Protection Profile (PP)-Module is to describe the security functionality of a specific type of Peripheral Sharing Device (PSD) product in terms of Common Criteria for Information Technology Security Evaluation, version 3.1, Release 5 [CC] and to define functional and assurance requirements for such products.

A Target of Evaluation (TOE) claiming conformance to this PP-Module must also claim conformance to the Peripheral Sharing Device Protection Profile (PSD PP) as its Base-PP. This is because the PSD PP is a generic Protection Profile aimed at defining baseline requirements and Evaluation Activities for a wide variety of PSD products, but additional specific requirements and Evaluation Activities apply depending on the types of physical and logical interfaces a PSD includes. Therefore, this PP-Module defines additional Security Functional Requirements (SFRs) for security functionality unique to a PSD that includes the ability to manipulate or assign video source inputs to video or display output devices.

SECURITY EVALUATION SUMMARY

A compliant Target of Evaluation (TOE) for this PP-Module is any PSD that supports connectivity for one or more video output peripheral devices. All of the requirements and restrictions that the PSD PP defines apply to a conformant TOE. A conformant TOE satisfies all of the specific data protection/isolation capabilities that the PSD PP requires. A conformant TOE embodies one or more of the use cases defined in the PSD PP.

A candidate TOE for claiming conformance to this PP-Module is any TOE that conforms to the PSD PP and includes video and display functionality as connected peripherals. In particular, a conformant TOE should support one or more video sources and one or more video display devices.

The TOE may include functionality for additional types of computer interfaces (e.g. keyboard/mouse, user authentication device). When this is the case, the TOE will claim conformance to all applicable PP-Modules that extend the PSD PP.

Assigned to the following Validated Products

• VID11122 – Vertiv CYBEX™ SCMV2160DPH, SC840DVIE, SC940DVIE, SC840HE, SC940HE, SC840DPE, SC940DPE Firmware Version 44404-E7E7 Peripheral Sharing Devices
• VID11133 – IPGARD Secure KVM Switch/Isolator (CAC Models)
• VID11134 – IPGARD Secure KVM Switch (Non-CAC Models)
• VID11166 – Tripp Lite Secure KVM Switch (CAC Models)
• VID11167 – Tripp Lite Secure KVM Switch (Non-CAC Models)
• VID11168 – Sekuryx Secure KVM Switch (CAC Models)
• VID11169 – Sekuryx Secure KVM Switch (Non-CAC Models)
• VID11193 – SK41D-4TR KVM, Firmware Version 44404-E7E7
• VID11221 – ATEN Secure KVM Switch Series (CAC Models)
• VID11222 – ATEN Secure KVM Switch Series (Non-CAC Models)
• VID11223 – IOGEAR Secure KVM Switch Series (CAC Models)
• VID11224 – IOGEAR Secure KVM Switch Series (Non-CAC Models)
• VID11240 – Black Box Secure KVM Switch/Isolator (CAC Models)
• VID11241 – Black Box Secure KVM Switch (Non-CAC Models)
• VID11252 – Vertiv CYBEX™ SC820DPH, SC840DPH, SC920DPH, SC940DPH, SC840DPHC, SC940DPHC, SC840DVI, SC940DVI Firmware Version 44404-E7E7 Peripheral Sharing Devices
• VID11288 – Vertiv CYBEX™ SC845DPH, SC945DPH, SC845DPHC, SC945DPHC, SCM145DPH, SCM185DPH, SC985DPH, SCMV245DPH, SCMV285DPH Firmware Version 44444-E7E7 Peripheral Sharing Devices
• VID11304 – BAE Systems Secure KVM Gen2 8560943-2
• VID11323 – Raritan Secure KVM Switch Series with CAC
• Belkin F1DN104KVM-UN-4, F1DN204KVM-UN-4, F1DN102KVM-UN-4, F1DN202KVM-UN-4, F1DN108KVM-UN-4, F1DN208KVM-UN-4, F1DN116KVM-UN-4 Firmware Version 44444-E7E7 Peripheral Sharing Devices
• Belkin F1DN104KVM-UNN4, F1DN204KVM-UNN4, F1DN102KVM-UNN4, F1DN202KVM-UNN4 Firmware Version 44404-E7E7 Peripheral Sharing Devices
• Belkin F1DN102MOD-BA-4, F1DN202MOD-BA-4, F1DN104MOD-BA-4, F1DN204MOD-BA-4, F1DN108MOD-BA-4, F1DN208MOD-BA-4, F1DN102MOD-HH-4, F1DN102MOD-PP-4, F1DN102MOD-DD-4, F1DN202MOD-HH-4, F1DN202MOD-PP-4, F1DN202MOD-DD-4, F1DN104MOD-HH-4, F1DN104MOD-PP-4, F1DN108MOD-PP-4, F1DN104MOD-DD-4, F1DN204MOD-HH-4, F1DN204MOD-PP-4, F1DN208MOD-PP-4, F1DN204MOD-DD-4, F1DN104MOD-XX-4, F1DN204MOD-XX-4 Firmware Version 44404-E7E7 Peripheral Sharing Devices
• Adder AVS-4112, AVS-2112, AVS-4114, AVS-4214, AVS-2114, AVS-2214, AVS-4128, AVS-4124, AVS-1124, AVS-4224 Firmware Version 44404-E7E7 Peripheral Sharing Devices
• Adder AVS-4228, AVS-42216, XDS441, XDS441FX Firmware Version 44404-E7E7 Peripheral Sharing Devices
• High Sec Labs SK41PHU-4, DK42PHU-4, SX42PHU-4, SX82PHU-4, SC42DHU-4, SC42PHU-4 Firmware Version 44444-E7E7 Peripheral Sharing Devices

Active Related Technical Decisions

• 0686 – DisplayPort CEC Testing
  • References:  FDP_SPR_EXT.1/DP; FDP_APC_EXT.1
• 0681 – PSD purging of EDID data upon disconnect
  • References:  FDP_PDC_EXT.1/VI, SD
• 0620 – EDID Read Requirements
  • References:  FDP_PDC_EXT.3.2
• 0593 – Equivalency Arguments for PSD
  • References:  Section 2.1, MOD AO SD v1.0, MOD AI SD v1.0, MOD KM SD v1.0, MOD UA SD v1.0, MOD VI SD v1.0
• 0586 – DisplayPort and HDMI Interfaces in FDP_IPC_EXT.1
  • References:  FDP_IPC_EXT.1
• 0584 – Update to FDP APC_EXT.1 Video Tests
  • References:  FDP_APC_EXT.1, MOD VI SD v1.0
• 0539 – Incorrect selection trigger in FTA_CIN_EXT.1 in MOD_VI_V1.0
  • References:  FTA_CIN_EXT.1, SD for Video/Display Module
• 0514 – Correction to MOD_VI FDP_APC_EXT.1 Test 3 Step 6
  • References:  FDP_APC_EXT.1,
• 0506 – Missing Steps to disconnect and reconnect display
  • References:  FDP_ACP_EXT.1