The component name of FDP_DSK_EXT.1 in the HCD cPP section B.1.3 is “Protection of Data on Disk,” which is misleading since it implies that it only applies to HCDs that include a disk drive. HCDs can have non-volatile storage holding D.USER.DOC and/or D.TSF.CONF without including a disk. The FDP_DSK_EXT.1.1 element refers to a “Nonvolatile Storage Device” rather than a disk, which seems more appropriate than “disk”. However, ST authors reading the component name of the SFR could mistakenly determine that this SFR does not apply to their TOE simply because it does not include a disk.
FDP_DSK_EXT.1 is loosely derived from the SFR of the same nomenclature in the FDE EE cPP. However, the FDE SFR refers to “disk” or “drive” in both the component name and elements, which is appropriate for the FDE EE cPP. The HCD cPP SFR modified the SFR elements to appropriately address the usage in the HCD cPP, but did not modify the SFR component name or family.
At minimum, the SFR component name could be changed to more accurately reflect the SFR’s usage in the HCD cPP. The suggested change is from “Protection of Data on Disk” to “Protection of Data in Nonvolatile Storage”. This would impact both sections B.1.3 and D.3.1 of the HCD cPP. In the HCD SD, the title of section 3.1.3 is impacted.
Since the FDP_DSK_EXT.1 SFRs in the FDE and HCD cPPs have little in common, there is no need to maintain the same SFR family. Therefore, it would also be appropriate to change the SFR’s family in the HCD cPP to clarify its scope. The suggested change is from “FDP_DSK_EXT” to “FDP_NVS_EXT”. This would again impact sections B.1.3 and D.3.1 of the HCD cPP and section 3.1.3 in the HCD SD. In addition, the following references to FDP_DSK_EXT.1 would need to be updated:
App Note in C.2.1 (FPT_WIPE_EXT.1
Row for FDP_DSK_EXT.1 in Table 24 (section I.10)
Row for O.STORAGE_ENCRYPTION with FDP_DSK_EXT.1 in Table 21 (section I.9)
HCD SD: Reference in the last paragraph of the TSS for FPT_WIPE_EXT (section 4.2.1.1)
The component name of FDP_DSK_EXT.1 in the HCD cPP section B.1.3 is “Protection of Data on Disk,” which is misleading since it implies that it only applies to HCDs that include a disk drive. HCDs can have non-volatile storage holding D.USER.DOC and/or D.TSF.CONF without including a disk. The FDP_DSK_EXT.1.1 element refers to a “Nonvolatile Storage Device” rather than a disk, which seems more appropriate than “disk”. However, ST authors reading the component name of the SFR could mistakenly determine that this SFR does not apply to their TOE simply because it does not include a disk.
FDP_DSK_EXT.1 is loosely derived from the SFR of the same nomenclature in the FDE EE cPP. However, the FDE SFR refers to “disk” or “drive” in both the component name and elements, which is appropriate for the FDE EE cPP. The HCD cPP SFR modified the SFR elements to appropriately address the usage in the HCD cPP, but did not modify the SFR component name or family.
At minimum, the SFR component name could be changed to more accurately reflect the SFR’s usage in the HCD cPP. The suggested change is from “Protection of Data on Disk” to “Protection of Data in Nonvolatile Storage”. This would impact both sections B.1.3 and D.3.1 of the HCD cPP. In the HCD SD, the title of section 3.1.3 is impacted.
Since the FDP_DSK_EXT.1 SFRs in the FDE and HCD cPPs have little in common, there is no need to maintain the same SFR family. Therefore, it would also be appropriate to change the SFR’s family in the HCD cPP to clarify its scope. The suggested change is from “FDP_DSK_EXT” to “FDP_NVS_EXT”. This would again impact sections B.1.3 and D.3.1 of the HCD cPP and section 3.1.3 in the HCD SD. In addition, the following references to FDP_DSK_EXT.1 would need to be updated: