Security Assurance Requirement (SAR) used by the Common Criteria for Information Technology Security Evaluation provides descriptions of the measures taken during development and evaluation of the product to assure compliance with the claimed Security Functional Requirements.

For example, an evaluation may require that all source code is kept in a change management system, or that full functional testing is performed. The Common Criteria provides a catalogue of these, and the requirements may vary from one evaluation to the next. The requirements for particular targets or types of products are documented in the ST and PP, respectively.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-1) was last changed on 01-Apr-2017 18:58 by jim