Description

BS PD ISO/IEC TR 20004:2015 refines the AVA_VAN assurance family activities defined in ISO/IEC 18045 andprovides more specific guidance on the identification, selection and assessment of relevant potentialvulnerabilities in order to conduct an ISO/IEC 15408 evaluation of a software target of evaluation. ThisTechnical Report leverages publicly available information security resources to support the methodof scoping and implementing ISO/IEC 18045 vulnerability analysis activities. The Technical Reportcurrently uses the common weakness enumeration (CWE) and the common attack pattern enumerationand classification (CAPEC), but does not preclude the use of any other appropriate resources.Furthermore, this Technical Report is not meant to address all possible vulnerability analysis methods,including those that fall outside the scope of the activities outlined in ISO/IEC 18045.

This Technical Report does not define evaluator actions for certain high assurance ISO/IEC 15408components, where there is as yet no generally agreed guidance.

Cross References:
ISO/IEC 15408-1
ISO/IEC 15408-2
ISO/IEC 15408-3
ISO/IEC 18045
ISO/IEC 15026-2

All current amendments available at time of purchase are included with the purchase of this document.

Product Details

Published:

01/31/2016

ISBN(s):

9780580905865

Number of Pages:

26

File Size:

1 file , 1.2 MB

Same As:

ISO/IEC TR 20004:2015

Product Code(s):

30325408, 30325408, 30325408

Note:

This product is unavailable in United Kingdom