Heimdal Security Evaluator

The Heimdal framework is a process of evaluating a product, taking advantage of several different profiles, which are combined in steps through different operations.

The security properties of a specific product, or TOE, will be summarised in a TOE Profile (TP). Combining requirements (for example from various protection profiles) for a given product category will result in a TOE Category Profile (TCP). Based on the TCP and an environment profile (EP), which contains user and threat properties, a reference profile (RP) can be derived. The final step in the evaluation of a TOE is to weigh the TOE profile against the reference profile, creating an evaluated TOE profile (ETP). A TOE Profile is intended to be designed for each TOE, whereas the TOE Category Profiles can be more or less specific; a tree structure may be used to describe the relationships between different TOE Category Profiles. More information and background can be found in (Hallberg Jonas, Hunstad Amund, Bond Anders, Peterson Mikael, & Påhlsson Nils, 2004).

The Heimdal framework introduces the concepts of software can be used for generating profiles for every step in the framework, and may also combine them into an evaluation report, which can be exported to various formats.

The Heimdal Security Evaluator 3000 .NET implements the Heimdal framework. The tool contains a main window, five control windows (Evaluation Control, TOE Profile Manager, TOE Category Profile Manager, Reference Profile Manager, and Environment Profile Manager), and an Evaluation Report window. Below are screenshots of the Main and Evaluation Report windows. The tool is available as FOI Memo 1004. Contact us to receive a copy.