AVA_CCA.2 Systematic covert channel analysis
Objectives
The objective is to identify, through a systematic search, the covert channels that are identifiable.
Application notes
Performing a covert channel analysis in a systematic way requires that the developer identify covert channels in a structured and repeatable way, as opposed to identifying covert channels in an ad-hoc fashion.
Dependencies:
ADV_FSP.2 Fully defined external interfaces
ADV_IMP.2 Implementation of the TSF
AGD_ADM.1 Administrator guidance
AGD_USR.1 User guidance
Developer action elements:
AVA_CCA.2.1D The developer shall conduct a search for covert channels for each information flow control policy.
AVA_CCA.2.2D The developer shall provide covert channel analysis documentation.
Content and presentation of evidence elements:
AVA_CCA.2.1C The analysis documentation shall identify covert channels and estimate their capacity.
AVA_CCA.2.2C The analysis documentation shall describe the procedures used for determining the existence of covert channels, and the information needed to carry out the covert channel analysis.
AVA_CCA.2.3C The analysis documentation shall describe all assumptions made during the covert channel analysis.
AVA_CCA.2.4C The analysis documentation shall describe the method used for estimating channel capacity, based on worst case scenarios.
AVA_CCA.2.5C The analysis documentation shall describe the worst case exploitation scenario for each identified covert channel.
AVA_CCA.2.6C The analysis documentation shall provide evidence that the method used to identify covert channels is systematic.
Evaluator action elements:
AVA_CCA.2.1E The evaluator shall confirm that the information provided meets all requirements for content and presentation of evidence.
AVA_CCA.2.2E The evaluator shall confirm that the results of the covert channel analysis show that the TOE meets its functional requirements.
AVA_CCA.2.3E The evaluator shall selectively validate the covert channel analysis through testing.