AVA_CCA.1 Covert channel analysis
Objectives
The objective is to identify covert channels that are identifiable, through an informal search for covert channels.
Dependencies:
ADV_FSP.2 Fully defined external interfaces
ADV_IMP.2 Implementation of the TSF
AGD_ADM.1 Administrator guidance
AGD_USR.1 User guidance
Developer action elements:
AVA_CCA.1.1D The developer shall conduct a search for covert channels for each information flow control policy.
AVA_CCA.1.2D The developer shall provide covert channel analysis documentation.
Content and presentation of evidence elements:
AVA_CCA.1.1C The analysis documentation shall identify covert channels and estimate their capacity.
AVA_CCA.1.2C The analysis documentation shall describe the procedures used for determining the existence of covert channels, and the information needed to carry out the covert channel analysis.
AVA_CCA.1.3C The analysis documentation shall describe all assumptions made during the covert channel analysis.
AVA_CCA.1.4C The analysis documentation shall describe the method used for estimating channel capacity, based on worst case scenarios.
AVA_CCA.1.5C The analysis documentation shall describe the worst case exploitation scenario for each identified covert channel.
Evaluator action elements:
AVA_CCA.1.1E The evaluator shall confirm that the information provided meets all requirements for content and presentation of evidence.
AVA_CCA.1.2E The evaluator shall confirm that the results of the covert channel analysis show that the TOE meets its functional requirements.
AVA_CCA.1.3E The evaluator shall selectively validate the covert channel analysis through testing.