ADV_LLD.2 Semiformal low-level design
Dependencies:
ADV_HLD.3 Semiformal high-level design
ADV_RCR.2 Semiformal correspondence demonstration
Developer action elements:
ADV_LLD.2.1D The developer shall provide the low-level design of the TSF.
Content and presentation of evidence elements:
ADV_LLD.2.1C The presentation of the low-level design shall be semiformal.
ADV_LLD.2.2C The low-level design shall be internally consistent.
ADV_LLD.2.3C The low-level design shall describe the TSF in terms of modules.
ADV_LLD.2.4C The low-level design shall describe the purpose of each module.
ADV_LLD.2.5C The low-level design shall define the interrelationships between the modules in terms of provided security functionality and dependencies on other modules.
ADV_LLD.2.6C The low-level design shall describe how each TSP-enforcing function is provided.
ADV_LLD.2.7C The low-level design shall identify all interfaces to the modules of the TSF.
ADV_LLD.2.8C The low-level design shall identify which of the interfaces to the modules of the TSF are externally visible.
ADV_LLD.2.9C The low-level design shall describe the purpose and method of use of all interfaces to the modules of the TSF, providing complete details of all effects, exceptions and error messages.
ADV_LLD.2.10C The low-level design shall describe the separation of the TOE into TSP-enforcing and other modules.
Evaluator action elements:
ADV_LLD.2.1E The evaluator shall confirm that the information provided meets all requirements for content and presentation of evidence.
ADV_LLD.2.2E The evaluator shall determine that the low-level design is an accurate and complete instantiation of the TOE security functional requirements.