VE 04: Difference between revisions
Jump to navigation
Jump to search
Georgebush (talk | contribs) (fish and chips fish and chips fish and chipfish and chips fish and chips fish and chips fisfish and chips fish anh and chips fish and chips fish and chipss fish and chips fish and chips fish and chips) |
m (Reverted edit of Georgebush, changed back to last version by Glen) |
||
| Line 1: | Line 1: | ||
I | ==SECTION 4: FINITE STATE MODEL== | ||
<P ALIGN=LEFT STYLE="margin-top: 0.19in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.04.01</FONT></B>The | |||
operation of the cryptographic module shall be specified using a </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>finite | |||
state (or equivalent) represented by a state transition diagram </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>and/or | |||
a state transition table. (The state transition diagram and/or state </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>transition | |||
table includes all operational and error states of the </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic | |||
module, the corresponding transitions from one state to </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>another, | |||
the input events that cause transitions from one state to </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>another, | |||
and the output events resulting from transitions from one state </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>to | |||
another.)</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.19in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.04.02</FONT></B>The | |||
cryptographic module shall include the following operational and </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>error | |||
states:</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Power | |||
on/off states. States for primary, secondary, or backup power.</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>These | |||
states may distinguish between power sources being applied to </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the | |||
cryptographic module.</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Crypto | |||
officer states. States in which the crypto officer services are </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>performed | |||
(e.g., cryptographic initialization and key management).</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Key/CSP | |||
entry states. States for entering cryptographic keys and </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>CSPs | |||
into the cryptographic module.</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>User | |||
states. States in which authorized users obtain security services, </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>perform | |||
cryptographic operations, or perform other Approved or </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>non-Approved | |||
functions.</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Self-test | |||
states. States in which the cryptographic module is </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>performing | |||
self-tests.</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Error | |||
states. States when the cryptographic module has encountered </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>an | |||
error (e.g., failed a self-test or attempted to encrypt when missing </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>operational | |||
keys or CSPs). Error states may include "hard" errors that </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>indicate | |||
an equipment malfunction and that may require maintenance, </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>service | |||
or repair of the cryptographic module, or recoverable "soft" | |||
</FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>errors | |||
that may require initialization or resetting of the module.</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note: | |||
This assertion is tested as part of AS04.05.</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.29in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.04.03</FONT></B>Recovery | |||
from error states shall be possible except for those caused by </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>hard | |||
errors that require maintenance, service, or repair of the </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>cryptographic | |||
module.</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.2in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.04.04</FONT></B>If | |||
the cryptographic module contains a maintenance role, then a </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>maintenance | |||
state shall be included.</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>Note: | |||
This assertion is tested as part of AS04.05.</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.03in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>AS.04.05</FONT></B>Documentation | |||
shall include a representation of the finite state (or </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>equivalent) | |||
using a state transition diagram and/or state transition table </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>that | |||
shall specify:</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>* | |||
all operational and error states of the cryptographic module,</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>* | |||
the corresponding transitions from one state to another,</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>* | |||
the input events, including data inputs and control inputs, that | |||
cause </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>transitions | |||
from one state to another, and</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>* | |||
the output events, including internal module conditions, data </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>outputs, | |||
and status outputs resulting from transitions from one state to </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.19in; margin-bottom: 0in"><FONT COLOR="#000080"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><I><B>Assessment:</B></I></FONT></FONT></FONT></P> | |||
==VE.04.05.01== | |||
<P ALIGN=LEFT STYLE="margin-top: 0.11in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3><B><FONT SIZE=4>VE.04.05.01</FONT></B>The | |||
vendor shall provide a description of the finite state model. This </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>description | |||
shall contain the identification and description of all states of</FONT></FONT></FONT></P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>the | |||
module, and a description of all corresponding state transitions. </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>The | |||
descriptions of the state transitions shall include internal module </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-top: 0.08in; margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>conditions, | |||
data inputs and control inputs that cause transitions from </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>one | |||
state to another, data outputs and status outputs resulting from </FONT></FONT></FONT> | |||
</P> | |||
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT COLOR="#000000"><FONT FACE="Times New Roman, Times New Roman, serif"><FONT SIZE=3>transitions | |||
from one state to another.</FONT></FONT></FONT></P> | |||
Revision as of 03:29, 19 August 2005
SECTION 4: FINITE STATE MODEL
AS.04.01The operation of the cryptographic module shall be specified using a
finite state (or equivalent) represented by a state transition diagram
and/or a state transition table. (The state transition diagram and/or state
transition table includes all operational and error states of the
cryptographic module, the corresponding transitions from one state to
another, the input events that cause transitions from one state to
another, and the output events resulting from transitions from one state
to another.)
Assessment:
AS.04.02The cryptographic module shall include the following operational and
error states:
Power on/off states. States for primary, secondary, or backup power.
These states may distinguish between power sources being applied to
the cryptographic module.
Crypto officer states. States in which the crypto officer services are
performed (e.g., cryptographic initialization and key management).
Key/CSP entry states. States for entering cryptographic keys and
CSPs into the cryptographic module.
User states. States in which authorized users obtain security services,
perform cryptographic operations, or perform other Approved or
non-Approved functions.
Self-test states. States in which the cryptographic module is
performing self-tests.
Error states. States when the cryptographic module has encountered
an error (e.g., failed a self-test or attempted to encrypt when missing
operational keys or CSPs). Error states may include "hard" errors that
indicate an equipment malfunction and that may require maintenance,
service or repair of the cryptographic module, or recoverable "soft"
errors that may require initialization or resetting of the module.
Note: This assertion is tested as part of AS04.05.
Assessment:
AS.04.03Recovery from error states shall be possible except for those caused by
hard errors that require maintenance, service, or repair of the
cryptographic module.
Assessment:
AS.04.04If the cryptographic module contains a maintenance role, then a
maintenance state shall be included.
Note: This assertion is tested as part of AS04.05.
Assessment:
AS.04.05Documentation shall include a representation of the finite state (or
equivalent) using a state transition diagram and/or state transition table
that shall specify:
* all operational and error states of the cryptographic module,
* the corresponding transitions from one state to another,
* the input events, including data inputs and control inputs, that cause
transitions from one state to another, and
* the output events, including internal module conditions, data
outputs, and status outputs resulting from transitions from one state to
Assessment:
VE.04.05.01
VE.04.05.01The vendor shall provide a description of the finite state model. This
description shall contain the identification and description of all states of
the module, and a description of all corresponding state transitions.
The descriptions of the state transitions shall include internal module
conditions, data inputs and control inputs that cause transitions from
one state to another, data outputs and status outputs resulting from
transitions from one state to another.