Formal Models for High-Assurance: Why and How (A22a)
EAL6 certifications have recently gained ground. With CCv4 within reach and with extensive experience in formal evaluations, the French and German schemes are proposing an approach to the use of formal methods that is clearly articulated around the SPM and the developer’s claims about the TOE and the TSF. This leads to more flexibility, increased comprehension and decreased subjectivity for evaluators and CBs. The presentation covers the definition of the formal assurance components and the impact on current practices.