600.436 High-Assurance
Systems
Fall 01/System Security Realization
44
Subset of TSF Implementation
¨“Developer shall provide
implementation representation for a selected subset of the TSF”
–Negotiated between developer and
evaluator
¨“The implementation representation
shall unambiguously
define the TSF to a level of detail such that the TSF can be generated without further
design decisions.”
¨“The implementation representation
shall be internally consistent”