Installation guide
Motorola WS5100 Wireless Switch and RFS7000 RF Switch Security Target
Page 50 of 85
T.POOR_DESIGN
Unintentional errors in
requirements specification or
design of the TOE may occur,
leading to flaws that may be
exploited by a casually
mischievous user or program.
O.CONFIGURATION_
IDENTIFICATION
The configuration of the TOE
is fully identified in a manner
that will allow implementation
errors to be identified,
corrected with the TOE being
redistributed promptly.
O.DOCUMENTED_ DESIGN
The design of the TOE is
adequately and accurately
documented.
O.VULNERABILITY_
ANALYSIS
The TOE will undergo
vulnerability analysis
demonstrate the design and
implementation of the TOE
does not contain any obvious
flaws.
O.CONFIGURATION_IDENTIF
ICATION plays a role in
countering this threat by
requiring the developer to
provide control of the changes
made to the TOE’s design
documentation and the ability
to report and resolve security
flaws.
O.DOCUMENTED_DESIGN
counters this threat, to a
degree, by requiring that the
TOE be developed using
sound engineering principles.
The use of a high level design
and the functional specification
ensure that developers
responsible for TOE
development understand the
overall design of the TOE. This
in turn decreases the likelihood
of design flaws and increases
the chance that accidental
design errors will be
discovered. ADV_RCR.1
ensures that the TOE design is
consistent across the High
Level Design and the
Functional Specification.
O.VULNERABILITY_ANALYSI
S_TEST ensures that the TOE
has been analyzed for obvious
vulnerabilities and that any
vulnerabilities found have been
removed or otherwise
mitigated, this includes
analysis of any probabilistic or
permutational mechanisms
incorporated into a TOE
claiming conformance to this
ST.