|
|
| Path Chosen for this Course: |
|
| Compliance Validation |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| ¨ | High
assurance cannot be established only by |
||||||||||||
| unconstrained
search for vulnerabilities |
|||||||||||||
| ¨ | High
assurance requires |
||||||||||||
| – | Security
requirements that aren’t intrinsically |
||||||||||||
| vulnerable
to threats in the intended environment |
|||||||||||||
| – | Proof
that implementation meets requirements |
||||||||||||
| – | Search
for vulnerabilities introduced by the specific |
||||||||||||
| implementation
of the requirements, constrained by the |
|||||||||||||
| assumptions
about the intended environment |
|||||||||||||
| – | Minimal
reliance on competence of specific evaluators |
||||||||||||
|
|
| 600.436 High- |
|
| Assurance
Systems |
|
| Fall
01/Introduction |
| 4 |