600.436 High-Assurance
Systems
Fall 01/Security Function Testing
3
Points to Remember
¨Penetration
Testing Covered Under Vulnerability Assessment Class
¨Functional
Testing Limitations
–Only
shows behavior for tested configurations
–Cannot
be exhaustive for complex systems
–Cannot
show absence of unspecified functions
¨Main
Value of Functional Testing Is to Show That There Is At Least One TOE Configuration
That Meets ST SFRs