600.436 High-Assurance Systems
Fall 01/Security Function Testing
3
Points to Remember
¨Penetration Testing Covered Under Vulnerability Assessment Class
¨Functional Testing Limitations
–Only shows behavior for tested configurations
–Cannot be exhaustive for complex systems
–Cannot show absence of unspecified functions
¨Main Value of Functional Testing Is to Show That There Is At Least One TOE Configuration That Meets ST SFRs