CRP-C0266-01
27
7. Evaluation conducted by Evaluation Facility and results
7.1 Evaluation Approach
Evaluation was conducted by using the evaluation methods prescribed in CEM in accordance
with the assurance components in CC Part 3. Details for evaluation activities are reported in
the Evaluation Technical Report. In the Evaluation Technical Report, it explains the
summary of the TOE, the content of the evaluation and verdict of each work unit.
7.2 Overview of Evaluation Activity
The history of evaluation conducted was present in the Evaluation Technical Report as
follows. Evaluation has started on 2010-2 and concluded by completion the Evaluation
Technical Report dated 2010-7. The evaluator received a full set of evaluation deliverables
necessary for evaluation provided by the developer, and examined the evidences in relation to
a series of evaluation conducted. Additionally, the Evaluation Facility directly visited the
development and manufacturing sites on 2010-4 and 2010-5, and examined procedural status
conducted in relation to each work unit for configuration management, delivery and
operation and lifecycle by investigating records and staff interview. Because TOE is product
intended for the United States, Europe and Asia, TOE is manufactured and distributed from
Japan and two or more overseas branches. The evaluator went to branch factories in Japan,
the United States, Europe and Asia where the investigation was necessary, and conducted
the investigation to note manufacturing and the assembly process of TOE across two or more
branches.
Further, the evaluator executed the sampling check of the developer testing and the
evaluator testing by using developer testing environment at developer site on 2010-4.
Concerns found in evaluation activities for each work unit were all issued as Observation
Report and were reported to the developer. These concerns were reviewed by the developer
and all concerns were solved eventually.
7.3 IT Product Testing
The evaluator confirmed the validity of the developer testing. By the evidence in the
evaluation process and that confirmed validity, the evaluator executed the reappearance
testing, additional testing and penetration testing based on vulnerability assessments judged
to be necessary.
7.3.1 Developer Testing
The evaluator evaluated the integrity of the developer testing that the developer executed
and the testing documentation of actual testing results. It explains the content of the
developer testing evaluated by the evaluator as follows.
1) Developer Testing Environment
Figure 7-1 shows the testing configuration executed by the developer.
(231 páginas)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentários a estes Manuais