4 Operational user guidance
4.1 User roles
The following user roles are distinguished for this TOE:
• Integrator
The integrator receives the TOE, performs the preparative procedures described in Section 3 Preparative procedures, and integrates the TOE into a full IoT solution. The operational user guidance for this role is described in Section 4.2 Operational guidance for the integrator role.
The integrator is responsible for personalizing the product data and for configuring the security of their product
following the guidelines provided by STMicroelectronics.
The integrator has full access to the source code delivered in the software package, to the security features of the STM32U585xx chip that will be integrated on their board (the STM32U585xx chip is delivered in a virgin state, without any security features activated), and to the tools needed to program the TOE.
4.2 Operational guidance for the integrator role
4.2.1 User‑accessible functions and privileges (AGD_OPE.1.1C)
The main task of the integrator is to integrate the TOE into a full IoT solution. To this end, the integrator has access to interfaces that are unavailable to other users, as described in Section 4.2.2 Available interfaces and methods of use (AGD_OPE.1.2C and AGD_OPE.1.3C). The integrator can also change some parts outside or inside the TOE. However, some changes may impact the certified configuration of the TOE. The evaluated TOE scope covers all parts located in the secure domain, except the part located in the secure unprivileged domain, which is isolated from the secure privileged domain:
Figure 2. TOE scope
Follow the procedures described in Section 3.1 Secure acceptance to check that the TOE is used in the certified configuration. The certified configuration of the TOE may be impacted by changes to parts of the TOE, but also by changes to parts located outside the TOE scope. This section describes the changes that the integrator can make and clarifies what is covered by the scope of the evaluation and what may impact the certified configuration of the TOE.
The integrator must follow the guidelines described in this section. Failure to do so means that the TOE is not used in the certified configuration.
UM2852 - Rev 1