The thing we currently call the "Inherently Satisfied Requirements" appendix should really be presented at the end of the SFRs in the section we call "Security Requirements Rationale." This section should contain the rationales for not including SFRs that are dependencies of SFRs that are in the PP.
For CC requirements, dependencies are found in the CC catalog, from whence they will somehow have to be extracted.
For extended requirements, dependencies are in the element. Currently this is just text, but it should be references to SFRs (probably cc-ids).
The thing we currently call the "Inherently Satisfied Requirements" appendix should really be presented at the end of the SFRs in the section we call "Security Requirements Rationale." This section should contain the rationales for not including SFRs that are dependencies of SFRs that are in the PP.
For CC requirements, dependencies are found in the CC catalog, from whence they will somehow have to be extracted.
For extended requirements, dependencies are in the element. Currently this is just text, but it should be references to SFRs (probably cc-ids).