The new conceptual framework for CC 3.0


The one thing that all CC experts agreed on for CC v2 was that it was quite hard to understand and confusing. An important reason for this was the use of a lot of difficult terminology (security functional component, security functional requirement, security functional policy, security function, TOE security functions, TOE security policy to name a few). The relations between all this terms were hard to understand as well, not only for laymen, but also for experts.
For CC v3, a new framework has been provided, which has been substantially simplified, uses much less terms, and is much easier to understand.