600.436 High-Assurance Systems
Fall 01/Development Process Assurance
39
TOE
Component Categorization Report
¨The developer shall provide a TOE component categorisation report for the certified version of
the TOE (that shall):
–categorise each component of the TOE,
•in each TSF representation from the most abstract to
the least abstract
•according to security relevance– at least categorised
as either TSP-enforcing or
non-TSP-enforcing
–describe the categorisation scheme used,
•Know how to categorise new components
•Know when to re-categorise existing TOE components
following changes to the TOE or
its security target
–identify any tools used in the development
environment that, if modified,
will have an impact on the assurance that the TOE satisfies its security target