Objectives
Covert channel analysis is carried out to determine the existence and potential capacity of unintended signalling channels (i.e. illicit information flows) that may be exploited.
The assurance requirements address the threat that unintended and exploitable signalling paths exist that may be exercised to violate the SFP.
Component levelling
The components are levelled on increasing rigour of covert channel analysis.
Application notes
Channel capacity estimations are based upon informal engineering measurements, as well as actual test measurements.
Examples of assumptions upon which the covert channel analysis is based may include processor speed, system or network configuration, memory size, and cache size.
The selective validation of the covert channel analysis through testing allows the evaluator the opportunity to verify any aspect of the covert channel analysis (e.g. identification, capacity estimation, elimination, monitoring, and exploitation scenarios). This does not impose a requirement to demonstrate the entire set of covert channel analysis results.
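As an added illustration (not part of the original text), the sketch below shows one way an evaluator could turn test measurements into a capacity estimate and record the assumptions it rests on. It assumes the channel behaves as a binary symmetric channel, which is a modelling choice and not something this family prescribes; the function names, the sample bit sequences, the 10 ms symbol period and the assumption values are all constructed.

```python
import math

def binary_entropy(p):
    """Binary entropy H(p) in bits; 0 by convention at p = 0 or p = 1."""
    if p <= 0.0 or p >= 1.0:
        return 0.0
    return -p * math.log2(p) - (1 - p) * math.log2(1 - p)

def estimate_capacity(sent, received, symbol_period_s, assumptions=None):
    """Estimate the capacity of a binary covert channel from one test run.

    Model (an assumption of this example): binary symmetric channel, so
    C = (1 - H(e)) / T, with e the observed bit error rate and T the
    measured time needed to signal one symbol.
    """
    if not sent or len(sent) != len(received):
        raise ValueError("sent and received must be non-empty and equal length")
    if symbol_period_s <= 0:
        raise ValueError("symbol period must be positive")
    errors = sum(1 for s, r in zip(sent, received) if s != r)
    error_rate = errors / len(sent)
    bits_per_symbol = 1.0 - binary_entropy(error_rate)
    return {
        "symbols": len(sent),
        "error_rate": error_rate,
        "bits_per_symbol": bits_per_symbol,
        "bits_per_second": bits_per_symbol / symbol_period_s,
        # The estimate only holds for the configuration it was measured on,
        # so the assumptions are kept with the result.
        "assumptions": dict(assumptions or {}),
    }

if __name__ == "__main__":
    # Constructed test run: 16 symbols signalled, 2 received incorrectly.
    sent     = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 1, 0]
    received = [1, 0, 1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1, 0]
    result = estimate_capacity(
        sent, received, symbol_period_s=0.010,
        assumptions={"processor_speed": "constructed value",
                     "cache_size": "constructed value"},
    )
    print(f"error rate {result['error_rate']:.3f}, "
          f"estimated capacity {result['bits_per_second']:.1f} bit/s")
```

Because the estimate depends on the measured symbol period and error rate, it should be re-derived whenever one of the recorded assumptions (processor speed, configuration, memory or cache size) changes.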
If there are no information flow control SFPs in the ST, this family of assurance requirements is no longer applicable, as this family applies only to information flow control SFPs.