600.436 High-Assurance
Systems
Fall
01/Protection Profiles
14
Example - Rationale Sample
¨Assert
EAL4 is known set of components:
–mutually
supportive and internally consistent
–for
which dependencies are satisfied
¨Assurance
always supports functionality
¨Justify
assurance level chosen
–EAL4
requires no specialist techniques
–defence against sophisticated attacks: must have access to
low-level design / source code