600.436 High-Assurance Systems
Fall 01/Development Process Assurance
42
Security
Impact Analysis
¨Goal of Security
Impact Analysis is to provide confidence
that assurance has been maintained in the
TOE
–Relies
on a developer analysis of the security impact of all changes affecting the TOE since it was certified
¨Two Components,
levelled according to the degree to
which an evaluator validates the developer's
security impact analysis
–Sampling of Security
Impact Analysis
–Examination of
Security Impact Analysis