RE: Definition of COTS
I hate to bring this back yet another step, but I need this clarified in
my mind before I am useful to the group. It seems there is a debate not
just on the definition of COTS but also the treatment of COTS (no matter
how it is defined). But I am not sure it is really necessary to define
COTS at all?
I would be interested in opinions on the following scenarios:
Q1: If a portion of the voting system has already been tested to the
same rigor as the rest of the system, then does it need to be re-tested?
A1: No, so long as the portion in question is unchanged from the one
that was tested and the operational environment and procedures are
within the tested configuration.
Q2: Do all portions of the voting system need to be tested (or analyzed)
to the same degree of rigor?
A2: No. Some portions such as the security kernel and TSF (Target of
Evaluation Security Functions) are security-enforcing and therefore need
a more detailed analysis. For example, whatever mechanism is used to
enforce anonymity is relied upon to enforce this security policy. Other
portions are security-preserving and need a less detailed analysis since
we only need assurance that they perform their functions correctly (ex.
The display is trusted to present the information presented to it).
Q3: If a portion of the voting system is COTS (however defined), does
that matter at all?
So looking back at question 2, do we really care if something is COTS or
13498 Pond Springs Rd.
Bldg. B, Suite 300
Austin, TX 78729
Office: (512) 310-2228
Fax: (512) 233-5924
From: Vincent J. Lipsio [mailto:Vince@lipsio.com]
Sent: Wednesday, January 21, 2004 1:49 PM
To: COTS Special Task Group, P1583; Security Task Group, P1583
Subject: RE: Definition of COTS
In the email to which I'm belatedly replying (appended below), Stephen
Berger asks, "do we (particularly the STG group) agree with that
definition?", where "that definition" is:
> Commercial Off-the-Shelf (COTS): Commercial, readily-available
> hardware devices (such as card readers, printers, or personal
> computers) or software products (such as operating systems,
> programming language compilers, or database management systems).
> These devices and software are exempted from certain portions of the
> qualification testing process so long as such products are not
> modified in any manner for use in the voting system.
Three comments by three individuals (including myself) objected to the
second sentence because it is out of scope in a definition. Also, other
definitions in our standard do not include examples.
Therefore, I propose three possible solutions:
1) Eliminate the definition altogether because COTS appears in the
subsequent section, 3.1, "Abbreviations and Acronyms".
2) Change the definition as follows: "Commercial Off-the-Shelf
systems, subsystems, or components of any type, including
mechanical, electronic, and software."
3) A hybrid of the above: Eliminate the definition and add in
"Abbreviations and Acronyms" the text: "(subsystems or components;
software, electronic, mechanical, et cetera)"
The following was written by Stephen Berger on Sun, 16 Nov 2003:
I had some fascinating discussion last week with Bob Mandeville at the
IEEE 802 meetings. Bob and I along with several others were proposing a
new standard within IEEE 802. Bob's presentation, which I am attaching,
discussed the approach to developing standards commonly used in the
IETF. The key to much of that approach is to start by clearly defining
terms. His statement was that this was typically the hardest part.
I think the comments below make it clear that this is where the COTS STG
needs to start. To help get the ball rolling let me provide one of
Bob's slides here:
Terminology Definition Template:
--Term to be defined. (e.g., Latency)
--Definition: The specific definition for the term.
--Discussion: A brief discussion about the term, its application and any
restrictions on measurement procedures.
--Measurement units: The units used to report measurements of this term,
if applicable.
--Issues: List of issues or conditions that affect this term.
--See Also: List of other terms that are relevant to the discussion of this
Methodology Definition Template:
So applying this to COTS, we start with the definition in the current
draft, which I think is currently unchanged from the 2002 FEC standard:
Commercial Off-the-Shelf (COTS): Commercial, readily-available hardware
devices (such as card readers, printers, or personal computers) or
software products (such as operating systems, programming language
compilers, or database management systems). These devices and software
are exempted from certain portions of the qualification testing process
so long as such products are not modified in any manner for use in the
First question, do we (particularly the STG group) agree with that
definition? Everyone seems to agree that modified products are not
COTS. So is the limitation at the end of the definition sufficient?
In Bob's method he recommends having a discussion of the application and
any restrictions on measurement procedure. The STG needs to come up
with some discussion of those boundaries in this context. I think we
all agree that some of the environmental testing can be set aside where
it is clear that hardware already meets comparable specifications and
has been tested for other purposes, such as the CE Mark requirements. I
think from our Austin discussion we all agree that even things we all
agree are COTS don't get a waiver on all testing. What we need is a
draft of the language setting those boundaries and suggestions for where
that discussion should be included in the document.
Hope the above is helpful to the COTS STG. I at least found it of