This report contains a total of 14 pages. In case it needs to be reproduced, all the pages must be included. Indian CC Certification Scheme (IC3S) Certification Report Report Number : IC3S/DEL01/VALIANT/EAL1/0317/0007/CR Product / system : OAM (Operation, Administration & Management/Maintenance) Module VCL-MX Version 6 80 E1, 160Mbps Voice & Data Multiplexer Dated: 12-12-2018 Version: 1.0 Government of India Ministry of Electronics & Information Technology Standardization, Testing and Quality Certification Directorate 6. CGO Complex, Lodi Road, New Delhi – 110003 India Report No: IC3S/DEL01/VALIANT/EAL1/0317/0007/CR STQC CERTIFICATION SERVICES Page 2 of 14 Product developer: Valiant Communications Limited 71/1 Shivaji Marg, New Delhi-110015, India TOE evaluation sponsored by: Valiant Communications Limited 71/1 Shivaji Marg, New Delhi-110015, and India Evaluationfacility: CCTL – ERTL (North), Delhi STQC Directorate, Ministry of Electronics & Information Technology, S- Block, Okhla Industrial Area Phase – II New Delhi – 110020 EvaluationPersonnel: Mr. M.K. Saxena Mrs. Banani Das Ms. Anjali Jain Evaluation Reviewer A K Upadhyay Evaluationreport: CCTL-ERTL (N), Delhi/Valiant/OAM/CC/ETR-03/06/2018/103 Validation Personnel: Tapas Bandyopadhyay Report No: IC3S/DEL01/VALIANT/EAL1/0317/0007/CR STQC CERTIFICATION SERVICES Page 3 of 14 Table of Contents Contents PART A: CERTIFICATION STATEMENT AND BACKGROUND OF THE CERTIFICATION BODY...........4 A1 Certification Statement ................................................................................................................................4 A2. About the Certification Body .......................................................................................................................4 A3 Specifications of the Certification Procedure ...............................................................................................5 A4 Process of Evaluation and Certification ........................................................................................................5 A5 Publication....................................................................................................................................................5 PART B: CERTIFICATION RESULTS ....................................................................................................6 B.1 Executive Summary .....................................................................................................................................6 B 2 Identification of TOE ....................................................................................................................................7 B 3 Security policy..............................................................................................................................................8 B.4 Assumptions ................................................................................................................................................8 B.5 Evaluated configuration...............................................................................................................................8 B.6 Document evaluation ..................................................................................................................................9 B 7 Product Testing..........................................................................................................................................10 B 8 Evaluation Results......................................................................................................................................12 B 9 Validator Comments ..................................................................................................................................13 B 10 List of Acronyms.......................................................................................................................................13 B 11 References..............................................................................................................................................14 Report No: IC3S/DEL01/VALIANT/EAL1/0317/0007/CR STQC CERTIFICATION SERVICES Page 4 of 14 PART A: CERTIFICATION STATEMENT AND BACKGROUND OF THE CERTIFICATION BODY A1 Certification Statement The product (TOE) below has been evaluated under the terms of the Indian Common Criteria Certification Scheme (IC3S) and has met the stated Common Criteria requirements. The scope of the evaluation and the assumed usage environment are specified in the body of this report. Sponsor Valiant Communications Limited Developer Valiant Communications Limited The Target of Evaluation (TOE) OAM (Operation, Administration & Management/Maintenance) Module VCL-MX Version 6 80 E1, 160Mbps Voice & Data Multiplexer Security Target Security Target: OAM (Operation, Administration & Management/Maintenance) Module running on VCL-MX Version6 80 E1, 160Mbps Voice & Data Multiplexer, Version 1.4 Brief description of product The Target of Evaluation (TOE) is an Operation, Administration and Management/ Maintenance Module (OAM Module) which works as authentication, access control operation, user administration and management/maintenance module. The TOE is a software application module used in telecom sector. TOE is used with VCL-MX Version 6 80 E1, 160Mbps Voice & Data Multiplexer. The TOE is the OAM Module implemented on Linux Version: 2.6.31 GNU/Linux. VCL-MX Version 6 80 E1, 160Mbps Voice & Data Multiplexer acts as the IT system for the OAM Interface Card. The OAM is the entry point to the system for any user attempting to make configuration changes in the system. OAM provide security against intrusion. OAM interface provides a highly secured interface. CC Part 2 [CC-II] Conformant CC Part 3 [CC-III] Conformant EAL EAL1 Evaluation Lab CCTL - ERTL(N), New Delhi Date Authorized 29-03-2017 A2. About the Certification Body STQC IT Certification Services, the IT Certification Body of Standardization Testing and Quality Certification – was established in 1998 and offers a variety of services in the context of security evaluation and validation. It is the first Certification Body in India for BS 7799/ISO 27001 certification of Information Security Management Systems (ISMS). The Indian CC Certification Scheme (IC3S) is the IT security evaluation & certification Scheme based on Common Criteria standards, it is established by Govt. of India under Department of Information Technology, STQC Directorate to evaluate & certify the trustworthiness of security features in Information Technology (IT) products and systems. The IC3S is an Indian independent third party evaluation and certification scheme for evaluating the security functions or mechanisms of the IT products. It also provides framework for the International Mutual Recognition of such certificates with the member countries of CCRA (Arrangement on the Recognition of Common Criteria Certificates in the field of Information Technology Security). The principal participants in the scheme are- Report No: IC3S/DEL01/VALIANT/EAL1/0317/0007/CR STQC CERTIFICATION SERVICES Page 5 of 14 a) Applicant (Sponsor/Developer) of IT security evaluations: M/s Valiant Communications Limited b) STQC Certification Body : IC3S (STQC Certification body/ MeitY/Govt. of India); c) Common Criteria Testing Laboratories: CCTL- ERTL (N), New Delhi A3 Specifications of the Certification Procedure The certification body operates under the official administrative procedures according to the criteria and procedures laid down in the following:  ISO/IEC 17065, and the requirements laid down in Annex C of CCRA  Indian Common Certification Scheme (IC3S)  STQC/CC/DO2: Standard Operating Procedure (SOP) for Certification Body - Quality Manual – describes the quality management system for the Scheme.  Common Criteria for Information Technology Security Evaluation (CC) part 1-3, Version 3.1  Common Evaluation Methodology (CEM) Version 3.1. A4 Process of Evaluation and Certification The certification body monitors each individual evaluation to ensure uniform procedures, interpretations of the criteria, and ratings. The TOE has undergone the certification procedure at STQC IT Certification Body. The evaluation body Common Criteria Test Laboratory (CCTL), ERTL (North), S- Block, Okhla Industrial Area Phase – II, New Delhi – 110020, India has conducted the evaluation of the product.. Hereafter this has been referred as CCTL. The evaluation facility is recognized under the IC3S scheme of STQC IT Certification Body. Valiant Communications Limited is the developer and sponsor of the TOE under certification. The certification process is concluded with the completion of this certification report. This evaluation was completed on 28th November 2018 after submission of [ETR] to the certification body. The confirmation of the evaluation assurance level (EAL) only applies on the condition that  all stated condition regarding configuration and operation, as given in part B of this report, are observed,  The product is operated – where indicated – in the environment described. This certification report applies only to the version and release of the product indicated here. The validity of the certificate can be extended to cover new versions and releases of the product, provided the applicant apply for re-certification of the modified product, in accordance with the procedural requirements, and provided the evaluation does not reveal any security deficiencies. A5 Publication The following Certification Results consist of Sections B1 to B11 of this report. The TOE will be included in the list of the products certified under IC3S Scheme of STQC IT Certification Body. The list of certified products is published at regular intervals in the Internet at http://www.commoncriteria-india.gov.in. Further copies of this certification report may be ordered from the sponsor of the product. The certification report may also be obtained in electronic form on request to the Certification Body. Report No: IC3S/DEL01/VALIANT/EAL1/0317/0007/CR STQC CERTIFICATION SERVICES Page 6 of 14 PART B: CERTIFICATION RESULTS B.1 Executive Summary B.1.1 Introduction The Certification Report documents the outcome of Common Criteria security evaluation of the TOE. It presents the evaluation results and the conformance results. This certificate is intended to assist the prospective buyers and users when judging the suitability of the IT security of the product for specified requirements. Prospective buyers and users are advised to read this report in conjunction with the referred [ST] of the product, which specifies the functional, environmental and assurance requirements. Common Criteria Test Laboratory (CCTL), ERTL (North), D S- Block, Okhla Industrial Area Phase – II, New Delhi – 110020, India, has performed the evaluation. The information in the Certification Report is derived from the [ST] written by the developer and the Evaluation Technical Report [ETR] written by Common Criteria Test Laboratory [CCTL], ERTL (North), S- Block, Okhla Industrial Area Phase – II, New Delhi – 110020, India]. The evaluation team has evaluated and confirmed that the security target [ST] that is used for evaluation of the product (TOE) is CC Version 3.1, Part 2 and Part 3 conformant and concluded that the Common Criteria requirements for Evaluation Assurance Level (EAL1) have been met. B 1.2 Evaluated product and TOE The TOE OAM (Operation, Administration & Management/Maintenance) Module consists of VCL-MX Version 6 80 E1, 160Mbps Voice & Data Multiplexer. The evaluated sub-set and configuration of the product is described in this report as the Target of Evaluation (TOE). The product version number is 10.00V20180912FS.The Evaluated Configuration, its security functions, assumed operational environment, architectural information and evaluated configuration are given below (Refer B2 to B5).The TOE & Its Physical Environments & Boundaries are depicted in figure 1. Figure .1- TOE & Its Physical Environments & Boundaries Report No: IC3S/DEL01/VALIANT/EAL1/0317/0007/CR STQC CERTIFICATION SERVICES Page 7 of 14 B 1.3 Security Claims The [ST] specifies the security objectives of the TOE and the threats that they counter. The Security Functional Requirements (SFRs) are taken from CC Part 2. B 1.4 Conduct of Evaluation The evaluation was initiated by the IC3S Certification Scheme of STQC IT Certification Body vide communication no. STQC/CC/1617/23 dated 29th March 2017. The TOE as described in the [ST] is called as Operation, Administration and Management/ Maintenance Module (OAM Module). It works as authentication, access control operation, user administration and management/maintenance module. The TOE is a software application module used in telecom sector. TOE is used with VCL-MX Version 6 80 E1, 160Mbps Voice & Data Multiplexer. The TOE is the OAM Module implemented on Linux Version: 2.6.31 GNU/Linux. VCL-MX Version 6 80 E1, 160Mbps Voice & Data Multiplexer acts as the IT system for the OAM Interface Card. The OAM is the entry point to the system for any user attempting to make configuration changes in the system. OAM provide security against intrusion. OAM interface provides a highly secured interface. TOE was evaluated through evaluation of its documentation (product and process related); Independent testing and vulnerability assessment using methodology stated in Common Evaluation Methodology [CEM]. The evaluation has been carried out under written agreement [dated 29th March 2017] between CCTL, ERTL (N)-New Delhi and the developer/ sponsor. B 1.5 Independence of Certifier The certifier did not render any consulting or other services for the company ordering the certification and there was no relationship between them, which might have an influence on this assessment. B 1.6 Disclaimers The certification results only apply to the version and release of the product as indicated in the certificate. The certificate is valid for stated conditions as detailed in this report. This certificate is not an endorsement of the IT product by the Certification Body or any other organization that recognizes or gives effect to this certificate. It is also not an endorsement of the target of evaluation (TOE) by any agency of the Government of India and no warranty of the TOE is either expressed or implied. B 1.7 Recommendations and conclusions  The conclusions of the Certification Body are summarized in the Certification Statement at Section A1.  The specific scope of certification should be clearly understood by reading this report along with the [ST].  The TOE should be used in accordance with the environmental assumptions mentioned in the [ST].  The TOE should be used in accordance with the supporting guidance documentation.  This Certification report is only valid for the evaluated configurations of the TOE. B 2 Identification of TOE The TOE is the OAM (Operation, Administration & Management/Maintenance) Module running on VCL-MX Version 6 80 E1, 160Mbps Voice & Data Multiplexer. The TOE version number is 10.00V20180912FS.It is a unique product and is used with E1, 160Mbps Voice and Data Multiplexer. Report No: IC3S/DEL01/VALIANT/EAL1/0317/0007/CR STQC CERTIFICATION SERVICES Page 8 of 14 B 3 Security policy There is no Organizational security policies that the TOE must meet. B.4 Assumptions There are following assumptions exist in the TOE environment. Table 1: Assumptions ASSUMPTION CODE DESCRIPTION A.NO_HOSTILE The administrators are not careless or willfully negligent and will abide by the administrator guidance. A.LOCATE The resources of the TOE will always be located within controlled access facility, which will prevent unauthorized physical access. A.TRAIN_AUDIT The auditor is trained to review logs regularly and identify sources of concern. A.LOG_OUT The user connected through physical ports are expected to exit the session before he leaves the system unattended. B.5 Evaluated configuration The Target of Evaluation (TOE) is an Operation, Administration and Management/ Maintenance Module (OAM Module) which works as authentication, access control operation, user administration and management/maintenance module. TOE, the software, is used with VCL-MX Version 6 80 E1, 160Mbps Voice & Data Multiplexer to access and set the OAM card configuration and other non-TOE card (Core [Control Card, E1 Card, PSU], Ringer Card, FXS Card/ Hotline Card, FXO Card, E&M Card, 64IF Card, NX64 Card, RIO Card, G.703 Card, RS-232 Card, C37.94 TP Card, TP4C Card, Ethernet + Optical Card & Ethernet Card) configuration. The TOE is the OAM Module implemented on Linux operating system Version: 2.6.31GNU/Linux. The TOE (OAM product.tar.bz2) along with other files (rootfs.tar.bz2, rwfs.tar.bz2 & linux.sb) is loaded in flash memory. The TOE is used for authentication of users (superuser, systemuser and audituser) and provides access to the systems resources in controlled LAN environment. The RTC stored in control card provides a source of date and time information for the TOE, which is used in audit timestamps. When the system is powered ON the time stored in the RTC is brought into the OAM oscillator. The oscillator of the OAM maintains the time of the system thus giving the necessary time stamps for logging purposes. The date and time can be set in the Control Card by using help/rtc/ Command. After a power failure, RTC maintains its date and time using Lithium Ion battery of control card. The OAM Interface provides two serial ports (RS232 and USB) and one Ethernet port (RJ45) to login OAM. The OAM communicates with the other cards through control card. The superuser accesses OAM locally through serial port. System user and audituser access through Ethernet port (RJ45) through SSH and systemuser additionally access through serial port. The User connects to the OAM through login interface. There are three types of users: • Superuser: The “Superuser”, who is also the system administrator, creates “users” and assigns the password for each such user. Superuser has the access to the OAM settings and its configuration (specifically it can change network settings of OAM and can create and delete systemuser). Superuser can access OAM through serial port (RS232 and USB) Report No: IC3S/DEL01/VALIANT/EAL1/0317/0007/CR STQC CERTIFICATION SERVICES Page 9 of 14 • Systemuser: A “Systemuser” is any normal user of the system that is 'created' by 'superuser'. While the “systemuser” are provided with an access to the system, they only have a limited access to the OAM settings and its configuration. • Audituser: An 'audituser' is a user who shall be able to view and download the LOG files by accessing the system on Ethernet port using SSH protocol and shall not have access to anything else in the system. Only 'superuser' can change audituser’s password. TOE Software Identification- OAM (Operation, Administration & Management/Maintenance) Module running on VCL-MX Version 6 80 E1, 160Mbps Voice & Data Multiplexer. The version number was 10.00V20180912FS. Table 2: Details of evaluated instantiations of the TOE: Unique reference of evaluated Software (Version no. 10.00V20180912FS) File name File Size MD5 hash linux.sb 2197776 00a0d9243f915c589d78fa460e41f148 product.tar.bz2 83594 dce8854ec2b507cd3a69e07e0d5bfe83 rootfs.tar.bz2 31916564 b2ac2706eea30dfdefc2a28a176953f6 rwfs.tar.bz2 560117 bbf3b8e8abc3b3c21cf5ba68384c9f35 The non-TOE hardware required by the TOE:  VCL-MX Version 6 Chassis along with its power supply unit and connection cables.  Ethernet wire, USB cable, RS-232.  Non-TOE cards: Core(Control Card, E1 Card, PSU), Ringer Card, FXS Card/ Hotline Card, FXO Card E&M Card, 64IF Card, NX64 Card, RIO Card, G.703 Card, RS-232 Card, C37.94 TP Card, TP4C Card Ethernet + Optical Card, Ethernet Card The non-TOE software required by the TOE includes:  A third party software to communicate with OAM ex. TeraTerm or PuTTY. B.6 Document evaluation B.6.1 Documentation The list of documents, those were presented, as evaluation evidences to the evaluators at the evaluation facility by the developer, are given below: 1. Security Target: OAM (Operation, Administration & Management/Maintenance) Module running on VCL-MX Version6 80 E1, 160Mbps Voice & Data Multiplexer. 2. TOE Functional Specification document: OAM Functional specification. 3. Preparative procedures: Preparatory Guidance Document 4. Operational User guidance: Operational User Guidance, AGD_OPE: 5. Configuration Management, Capability /scope B.6.2 Analysis of document The developers documents related to the following areas were analyzed using [CEM]. The summary of analysis is as below: Development process: The evaluators have analyzed the functional specification of the TOE and found that the TOE security function interfaces [TSFI} are described clearly and unambiguously. Report No: IC3S/DEL01/VALIANT/EAL1/0317/0007/CR STQC CERTIFICATION SERVICES Page 10 of 14 Guidance Documents: The evaluators have analysed guidance documents like preparative procedure and operational user guidance and determined that preparative procedure describes clear and unambiguous steps to bring the TOE to its secure state. The operational user guidance information was also clear and unambiguous. Life-cycle support documents: The Life cycle support process document, containing information on Configuration Management capability and scope were evaluated. Configuration management: The evaluators have analyzed configuration management documentation and determined that the TOE and its associated components and documents are clearly identified as configurable items (CI). B 7 Product Testing Testing effort required for EAL1 consists of the following two steps: Independent Testing by Evaluation Team and Vulnerability analysis & Penetration testing. B 7.1 IT Product Independent Testing by Evaluation Team The evaluators’ independent functional testing effort is summarized as below. All testing was planned and documented to a sufficient level of detail to allow repeatability of the testing procedures and reproducibility of results as per the Test Plan: STQC-IT Delhi/CC/TP02/OAM. The evaluators have examined the TOE and it is found to be configurable as per the description given in the developer’s preparative guidance document. It is also observed that the test configuration is consistent with the description as given in the security target document. The highlights of Independent testing are given below: The TOE has been installed properly as per the preparative procedure document. While making the test strategy for independent testing, considerations were given to cover the security requirements, as well as the security specification as defined in the security target, interfaces available to the users to cover each of security functional requirements. Independent testing w e r e d e s i g n e d to verify the correct implementation of security functionalities available to different types of users and to check whether audit is being generated for auditable events, also checked for the privilege escalation is prevented. The tests were designed to cover following TSFs and associated TSFIs of the TOE: a. Security Audit The OAM Module creates and stores audit records for the f user activities. Audit records are stored in 100KB files locally on NAND Flash. The overall memory allocated on NAND Flash for audit storage is 10 MB. When a 100 KB audit file is exhausted, a new file is created for audit storage and the process continues until whole 10 MB audit storage exhausts. After the whole 10 MB storage is exhausted, the LOG files are deleted in FIFO manner for further audit storage. In a LOG file, LOGS of events are written in sequence of occurrence. This ensures that even if someone tries to vary the clock of the system, the login attempt and introduced changes are logged as latest entries irrespective of system clock time stamp. “Audituser” shall be able to view and review the logs by accessing the system through SSH and shall not have access to anything else in the system. Other than audituser, only superuser can view filtered LOGS through CLI interface b. Identification and authentication The TOE requires users to provide unique authentication information before any access to the system is granted. The TSF enforces binding between users and TOE. User accounts in the TOE have Report No: IC3S/DEL01/VALIANT/EAL1/0317/0007/CR STQC CERTIFICATION SERVICES Page 11 of 14 the following attributes: user identity (username), authentication data (password) and user role ("Superuser", "Systemuser" "Audituser"). Every user has an entry in the database, which includes username, password (hashed) and user role. The passwords are stored in hashed format in accordance with salted MD5 algorithm. Superuser assigns default passwords during Systemuser creation and these passwords do not fulfill password strength requirements. Systemuser is forced to change this default password to a secure password of strength >=14. The TSF detects when unsuccessful authentication attempts occur related to wrong user names or passwords c. Security management The Authorized Administrator (Superuser) is responsible for managing (creation, deletion) user accounts. The TOE provides systemuser access either through the physical serial port (USB/RS232) or remotely over the Trusted Path using the SSH2 protocol. Superuser/System can view the system settings, Change the network configuration i.e. IP Address, Subnet Mask, Gateway and DNS Addresses and control the system. d. TOE Access function The TSF shall be able to deny session establishment based on 1. Incorrect login credentials i.e. username and password 2. Incompatible mode (like Ethernet, serial port) of access. Following are correct ports of access as per the user role: Audituser – using Ethernet port (RJ45) through SSH protocol Superuser – using serial port (USB/RS232) Systemuser – using serial port (USB/RS232) and Ethernet port (RJ45) All access attempts to the TOE require passing through an authentication mechanism. Users can terminate user sessions. The sessions through SSH expire after 6 minutes. The TSF enforces, by default, a limit of 1 session per user. The system closes the existing sessions immediately if it is interrupted due to reasons such as time-out, power failure, and resetting and link disconnection. e. Protection of Security Functions The TOE provides protection mechanisms for its security functions. One of the protection mechanisms is that users must authenticate before any administrative operations can be performed on the system, whether those functions are related to the management of user accounts or the configuration of access control. The RTC stored in control card provides a source of date and time information for the TOE, which is used in audit timestamps. When the system is powered ON the time stored in the RTC is brought into the OAM oscillator. The oscillator of the OAM maintains the time of the system thus giving the necessary time stamps for LOG purposes. In the event of either the failure or the removal of the OAM Card from the chassis, the session terminates. The previous configurations in the other cards continue as long as power failure does not occur. It will remain in secure state. f. TRUSTED PATH/CHANNELS The TOE supports and enforces Trusted Channels that protect the communications between the TOE and Users from unauthorized disclosure or modification of data. The TOE achieves Trusted Path by use of the SSH protocol which ensures the confidentiality and integrity of communication with the users (systemusers). g. CRYPTOGRAPHIC SUPPORT The TOE uses salted MD5 Hashing technique to store passwords. MD5 is used to verify through the creation of a 128-bit message digest from data input that is claimed to be unique. The SSH protocol is Report No: IC3S/DEL01/VALIANT/EAL1/0317/0007/CR STQC CERTIFICATION SERVICES Page 12 of 14 followed for establishing a trusted channel between the user and the OAM system through exchange of keys as per SSH File transfer protocol. B 7.3 Vulnerability Analysis and Penetration testing The possible security vulnerabilities were searched from public domain considering the reported vulnerabilities of similar products/technology. In search of potential vulnerabilities from public domain, scanning tools are used by the Evaluation facility. Vulnerability scanning was conducted to find out open ports, services and their associated vulnerabilities. OpenVAS scanning tool is used with the latest feeds to find out hypothesized potential vulnerabilities present in the TOE. The attack potential for each of the vulnerabilities was calculated using guidance given in CEMv3.1 and considering various factors like the time to identify & exploit the vulnerability, expertise required, knowledge of the TOE, windows of opportunity and equipment requirement. Subsequent to the independent review of public domain vulnerability databases and all evaluation evidences, potential vulnerabilities were identified with their attack potentials. The potential vulnerabilities with ‘Basic’ attack potential were considered for penetration testing. The potential vulnerabilities with higher than ‘Basic’ attack potential are treated as residual vulnerabilities. Penetration testing scenarios are summarized as below:  TSF behavior in case of TCP flooding on the TOE  Inheriting privileges or other capabilities that should otherwise be denied; i.e., whether users of different roles can escalate their privileges beyond their defined privileges as given in ST, bypassing implemented mechanism in TOE. Mis-use of privilege escalation by lower level users / Vulnerability through specified interfaces  Attempt to crack the salted MD5 through which the user password is hashed and stored in the TOE.  Improper input validation of string format in the username and host argument. If specific usernames including "%" symbols can be created on a system then an attacker could run arbitrary code as root when connecting to Dropbear server. The penetration testing could not exploit any vulnerability in the intended operational environment of the TOE. However, these vulnerabilities may be exploited with higher attack potential. B 8 Evaluation Results The evaluation team has documented the evaluation results in the [ETR]. The TOE was evaluated through evaluation of its e v a l u a t i o n evidences, documentation, testing and vulnerability assessment using methodology stated in [CEM] and laboratory operative procedure [QA/EP- 10]. Documentation evaluation results: The documents for TOE and its development life cycle h a v e b e e n analyzed by the evaluator in view of the requirements of the respective work units of the [CEM]. The final versions of the documents were found to comply with the requirements of CCv3.1 for EAL1. Report No: IC3S/DEL01/VALIANT/EAL1/0317/0007/CR STQC CERTIFICATION SERVICES Page 13 of 14 Testing: The independent functional tests yielded the expected results, giving assurance that ‘(Operation, Administration & Management/Maintenance) Module running on VCL-MX Version 6 80 E1, 160Mbps Voice & Data Multiplexer’, the TOE version number is 10.00V20180912FS,)’ behaves as specified in its [ST], functional specification. Vulnerability assessment and penetration testing: The penetration testing with ‘Basic’ attack potential could not exploit the potential vulnerabilities identified through vulnerability assessment. B 9 Validator Comments The Validator has reviewed the Evaluation Technical Report [ETR] along with all relevant evaluation evidences, documents, records, etc. and are in agreement with the conclusion made in it i.e.  The [ST] has satisfied all the requirements of the assurance class ASE for EAL1 evaluation.  The results of evaluation of product and process documentation, independent testing and vulnerability assessment confirm that the TOE ‘OAM (Operation, Administration & Management/Maintenance) Module running on VCL-MX Version 6 80 E1, 160Mbps Voice & Data Multiplexer’, the TOE version number 10.00V20180912FS, satisfies all the security functional requirements and assurance requirements as defined in the [ST]. Hence, the TOE is recommended for EAL1 Certification as per CC version 3.1. However, it should be noted that there are no Protection Profile compliance claims, it is evaluated based on the Security target [ST]. B 10 List of Acronyms ACL: Access Control List CC: Common Criteria CCTL: Common Criteria Test Laboratory CEM: Common Evaluation Methodology EAL: Evaluation Assurance Level ETR: Evaluation Technical Report FSP: Functional Specification IC3S: Indian Common Criteria Certification Scheme IT: Information Technology PP: Protection Profile ST: Security Target TOE: Target of Evaluation TDS: TOE Design Specification TSF: TOE Security Function TSFI: TOE Security Function Interface Report No: IC3S/DEL01/VALIANT/EAL1/0317/0007/CR STQC CERTIFICATION SERVICES Page 14 of 14 B 11 References 1. [CC-I]: Common Criteria for Information Technology Security Evaluation: Part 1: Version 3.1 2. [CC-II]: Common Criteria for Information Technology Security Evaluation: Part 2: Version 3.1 3. [CC-III]: Common Criteria for Information Technology Security Evaluation: Part 3: Version 3.1 4. [CEM]: Common Methodology for Information Methodology: Version 3.1 5. [ST] : Security Target: OAM (Operation, Administration & Management/Maintenance) Module running on VCL-MX Version6 80 E1, 160Mbps Voice & Data Multiplexer 6. [ETR]: Evaluation Technical Report No. CCTL-ERTL (N)/Valiant/OAM/CC/ETR-04/11/2018/172 7. [QA/EP-10]: CCTL operating procedure