Writing evidence documents for evaluation and certification processes according to the Common Criteria security standard is a very difficult, time-consuming and complex task. Nowadays there are only a few, limited solutions based on templates and software tools which can efficiently support developers in preparing evaluation deliverables. This paper describes the results of an R&D project whose aim was to work out a computer-aided tool with built-in design patterns. Firstly, according to all security assurance requirements the design patterns in a paper version were prepared. Secondly, they were verified and validated by the developers in order to make some amendments and improvements. The conclusions were used as the source of functional requirements for a computer-aided tool. As a result a complete computer system was designed which implements the design patterns, knowledge base, evaluation methodology, and additional external supporting software. That solution facilitates and speeds up the development of the evidence documentation.
展开▼
