| About the Requirements |
|
|
|
|
|
|
|
|
|
|
|
|
|
| ¨ | Some
of the requirements are testable: |
|||||||||||
| “The system shall enforce a clearly
defined |
||||||||||||
| authentication
policy.” |
||||||||||||
| ¨ | Some
are contextual: |
|||||||||||
| “The system may assume that physical
access to the |
||||||||||||
| machine
is restricted by external (human) controls.” |
||||||||||||
| ¨ | Some
may be process-oriented: |
|||||||||||
| “No code change shall be committed to the
source |
||||||||||||
| base
until it has been examined and approved by |
||||||||||||
| someone
other than the developer.” |
||||||||||||
|
|
| 600.436 High- |
|
| Assurance
Systems |
|
| Fall
01/Introduction |
| 11 |