FPT_PHP.3 Resistance to physical attack
For some forms of tampering, it is necessary that the TSF not only detects the tampering, but actually resists it or delays the attacker.
User application notes
This component should be used when TSF devices and TSF elements are expected to operate in an environment where a physical tampering (e.g. observation, analysis, or modification) of the internals of a TSF device or TSF element itself is a threat.
Operations
Assignment:
For FPT_PHP.3.1, the PP/ST author should specify tampering scenarios to a list of TSF devices/elements for which the TSF should resist physical tampering. This list may be applied to a defined subset of the TSF physical devices and elements based on considerations such as technology limitations and relative physical exposure of the device. Such subsetting should be clearly defined and justified. Furthermore, the TSF should automatically respond to physical tampering. The automatic response should be such that the policy of the device is preserved; for example, with a confidentiality policy, it would be acceptable to physically disable the device so that the protected information may not be retrieved.
For FPT_PHP.3.1, the PP/ST author should specify the list of TSF devices/elements for which the TSF should resist physical tampering in the scenarios that have been identified.