Publication detail
| Reference | ISO/IEC/TR 20004 ed1.0 |
 > preview |
||||||||
| Title | Information technology -- Security techniques -- Refining software vulnerability analysis under ISO/IEC 15408 and ISO/IEC 18045 | |||||||||
| Publication date | 2012-08-08 | |||||||||
| Format, price (Swiss francs) and language |
|
|||||||||
| Abstract | ISO/IEC TR 20004:2012 refines the AVA_VAN assurance family activities defined in ISO/IEC 18045:2008 and provides more specific guidance on the identification, selection and assessment of relevant potential vulnerabilities in order to conduct an ISO/IEC 15408 evaluation of a software target of evaluation. ISO/IEC TR 20004:2012 leverages the Common Weakness Enumeration (CWE) and the Common Attack Pattern Enumeration and Classification (CAPEC) to support the method of scoping and implementing ISO/IEC 18045:2008(E) vulnerability analysis activities. ISO/IEC TR 20004:2012 does not define evaluator actions for certain high assurance ISO/IEC 15408 components, where there is as yet no generally agreed guidance. |
|||||||||
| Technical Committee | JTC 1/SC 27 - IT security techniques
|
|||||||||
| ICS Codes |
|
|||||||||
| Work in progress |
|
|||||||||
Search
Quick access by ref. number
Basket
| Your basket is empty |
Payment
| Accepted credit cards: | |
 | Prices in CHF (Swiss francs) |
| Request a pro forma to pay by bank transfer or cheque | |
| Learn how to share your publications with your colleagues, using networking options | |
Just Published
- IEC 60601-1-SER Ed. 1.0
- IEC 60601-1 Ed. 3.0
- IEC 60838-2-1-am2 Ed. 1.0
- IEC/TS 62720 Ed. 1.0
- IEC/TR 62655 Ed. 1.0
- IEC 61710 Ed. 2.0
- IEC 60099-5 Ed. 2.0
>> Published in the last 30 days
Bestsellers