[cPP CHANGE] Distributed TOEs Section #160
Description
What is the change request for the cPP? Please describe.
The PP and Modules cover the concept of distributed TOEs but does not provide a lot of guidance on them. Most importantly a description of the 'Allocation of Requirements in Distributed TOEs' is needed to understand what SFRs apply to which TOE components.
Describe the solution you'd like
Add an 'Introduction to Distributed TOEs' section to each docoument. Recommend modeling it after the NDcPP. Attached file contains analysis for how the 'Allocation of Requirements in Distributed TOEs' should be defined.
SW App cPP - Distributed TOE SFR Allocation.xlsx
Other modules/packages for protocols will need to be defined as Feature Dependent. A statement such as this will need to be added:
"When the TSF implements the protocol channel(s) that are used for communication between the Distributed TOE Components, the TSF shall be validated against the associated Functional Packages or Modules. The SFR requirements in these documents shall be considered "Feature Dependent" for the allocation of the SFRs for the Distributed TOE."
Additionally, assurance guidance will also need to be added to cover what needs to be documented regarding the Distributed TOE. Including but not limited to:
- The ST for a distributed TOE must include a mapping of SFRs to each of the components of the TOE. (Note that this deliverable is examined as part of the ASE_TSS.1 and AVA_VAN.1 Evaluation Activities
- The ST for a distributed TOE may also introduce a ‘minimum configuration’ and identify components that may have instances
added to an operational configuration without affecting the validity of the CC certification.
Describe alternatives you've considered
Reviewed other PPs for how they handled this.