600.436 High-Assurance Systems
Fall 01/System Security Realization
Reduction of Complexity
• The developer shall design and structure the TSF in a layered fashion that minimizes mutual interactions between the layers of the design.
• The developer shall design and structure the TSF in such a way that minimizes the complexity of the portions of the TSF that enforce any access control and/or information flow control policies.
• The architectural description shall identify the modules of the TSF and shall specify which portions of the TSF enforce the access control and/or information flow control policies.
• The architectural description shall describe the layering architecture.
• The architectural description shall show that mutual interactions have been minimized, and justify those that remain.
• The architectural description shall describe how the portions of the TSF that enforce any access control and/or information flow control policies have been structured to minimize complexity.
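
One way an evaluator or developer could check an architectural description against these requirements, as an added example that is not part of the original slides: the module names, layer numbers and dependency edges below are constructed, and the fan-in/fan-out count is an assumed, crude stand-in for "complexity" of the policy-enforcing modules.

```python
# Constructed sample architecture: module -> (layer, enforces_policy).
# Layer 0 is the lowest layer; a module may depend only on its own or lower layers.
MODULES = {
    "hw_abstraction": (0, False),
    "memory_mgr":     (1, False),
    "access_check":   (2, True),   # enforces access control policy
    "flow_label":     (2, True),   # enforces information flow policy
    "syscall_gate":   (3, False),
}

# Constructed dependency edges: caller -> modules it depends on.
DEPS = {
    "syscall_gate":   ["access_check", "flow_label"],
    "access_check":   ["memory_mgr", "flow_label"],
    "flow_label":     ["memory_mgr", "access_check"],
    "memory_mgr":     ["hw_abstraction", "syscall_gate"],
    "hw_abstraction": [],
}

def layering_violations(modules, deps):
    """Edges where a module depends on a module in a higher layer."""
    return sorted((a, b) for a, callees in deps.items() for b in callees
                  if modules[a][0] < modules[b][0])

def mutual_interactions(deps):
    """Pairs of modules that depend directly on each other; each needs a justification."""
    return sorted({tuple(sorted((a, b))) for a, callees in deps.items()
                   for b in callees if a in deps.get(b, [])})

def policy_coupling(modules, deps):
    """(fan_in, fan_out) for every module marked as policy-enforcing."""
    result = {}
    for name, (_, enforces) in modules.items():
        if enforces:
            fan_in = sum(name in callees for callees in deps.values())
            result[name] = (fan_in, len(deps[name]))
    return result

if __name__ == "__main__":
    print("upward dependencies:", layering_violations(MODULES, DEPS))
    print("mutual interactions:", mutual_interactions(DEPS))
    print("policy module coupling (fan_in, fan_out):", policy_coupling(MODULES, DEPS))
```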