600.436 High-Assurance Systems
Fall 01/Operational Assurance
29
Developer Vulnerability Analysis
¨The developer shall perform and document an
analysis of the TOE deliverables searching for obvious ways in which a
user can violate the TSP
–The documentation shall show, for
all identified vulnerabilities, that the vulnerability
cannot be exploited in the intended environment for the TOE
¨The developer shall document the disposition
of obvious vulnerabilities