600.436 High-Assurance Systems
Fall 01/System Security Realization
Minimization of Complexity
• The developer shall design and structure the TSF in such a way that minimizes the complexity of the entire TSF.
• The developer shall design and structure the portions of the TSF that enforce any access control and/or information flow control policies such that they are simple enough to be analyzed.
• The developer shall ensure that functions whose objectives are not relevant for the TSF are excluded from the TSF modules.
• The architectural description shall describe how the entire TSF has been structured to minimize complexity.
• The architectural description shall justify the inclusion of any non-TSP-enforcing modules in the TSF.