600.436 High-Assurance Systems
Fall 01/Operational Assurance
29
Developer Vulnerability Analysis
¨The developer shall perform and document an analysis of the TOE deliverables searching for obvious ways in which a user can violate the TSP
–The documentation shall show, for all identified vulnerabilities, that the vulnerability cannot be exploited in the intended environment for the TOE
¨The developer shall document the disposition of obvious vulnerabilities