600.436 High-Assurance Systems
Fall 01/System Security Realization
44
Subset of TSF Implementation
¨“Developer shall provide implementation representation for a selected subset of the TSF”
–Negotiated between developer and evaluator
¨“The implementation representation shall unambiguously define the TSF to a level of detail such that the TSF can be generated without further design decisions.”
¨“The implementation representation shall be internally consistent”