Family behaviour
TSF physical protection components refer to restrictions on unauthorised physical access to the TSF, and to the deterrence of, and resistance to, unauthorised physical modification, or substitution of the TSF.
The requirements of components in this family ensure that the TSF is protected from physical tampering and interference. Satisfying the requirements of these components results in the TSF being packaged and used in such a manner that physical tampering is detectable, or resistance to physical tampering is enforced. Without these components, the protection functions of a TSF lose their effectiveness in environments where physical damage cannot be prevented. This family also provides requirements regarding how the TSF shall respond to physical tampering attempts.
Component levelling
FPT_PHP.1 Passive detection of physical attack, provides for features that indicate when a TSF device or TSF element is subject to tampering. However, notification of tampering is not automatic; an authorised user must invoke a security administrative function or perform manual inspection to determining if tampering has occurred.
FPT_PHP.2 Notification of physical attack, provides for automatic notification of tampering for an identified subset of physical penetrations.
FPT_PHP.3 Resistance to physical attack, provides for features that prevent or resist physical tampering with TSF devices and TSF elements.
Management: FPT_PHP.1
There are no management activities foreseen.
Management: FPT_PHP.2
The following actions could be considered for the management functions in FMT:
a) management of the user or role that gets informed about intrusions;
b) management of the list of devices that should inform the indicated user or role about the intrusion.
Management: FPT_PHP.3
The following actions could be considered for the management functions in FMT:
a) management of the automatic responses to physical tampering.
Audit: FPT_PHP.1
The following actions should be auditable if FAU_GEN Security audit data generation is included in the PP / ST:
a) Minimal: if detection by IT means, detection of intrusion.
Audit: FPT_PHP.2
The following actions should be auditable if FAU_GEN Security audit data generation is included in the PP / ST:
a) Minimal: detection of intrusion.
Audit: FPT_PHP.3
There are no actions identified that should be auditable if FAU_GEN Security audit data generation is included in the PP / ST: