600.436 High-Assurance
Systems
Fall 01/System Security Realization
37
Minimization of Complexity
¨The developer shall design and structure the TSF in such
a way that minimizes the complexity of
the entire TSF.
¨The developer shall design and
structure the portions of the TSF that enforce any access control and/or information flow control policies
such that they are simple enough to be analyzed.
¨The developer shall ensure that
functions whose objectives are not relevant for the TSF are excluded from the TSF modules.
¨The architectural description shall describe how the entire TSF has been
structured to minimize complexity.
¨The architectural description
shall justify the inclusion of any non-TSP-enforcing modules in the TSF.