This part of ISO/IEC 15408 defines the assurance requirements of ISO/IEC 15408. It includes the evaluation assurance levels (EALs) that define a scale for measuring assurance, the individual assurance components from which the assurance levels are composed, and the criteria for evaluation of Protection Profiles (PPs) and Security Targets (STs).
Contents:
- Foreword
- Introduction
- Scope
- Normative references
- Terms, definitions, symbols and abbreviated terms
- Overview
- ISO/IEC 15408 assurance paradigm
- Security assurance requirements
- Protection profile and security target evaluation criteria
- Class APE: Protection profile evaluation
- Class ASE: Security target evaluation
- Evaluation assurance levels
- Assurance classes, families, and components
- Class ACM: Configuration management
- Class ADO: Delivery and operation
- Class ADV: Development
- Class AGD: Guidance documents
- Class ALC: Life cycle support
- Class ATE: Tests
- Class AVA: Vulnerability assessment
- Annex A (informative) - Cross reference of assurance component dependencies
- Annex B (informative) - Cross reference of EALs and assurance components