background image
Samsung OpenSSL Cryptographic Module
FIPS 140-2 Security Policy
© 2013 Samsung/atsec information security. This document can be reproduced and distributed only whole and intact,
including this copyright notice.
20 of 24
11. Design Assurance
11.1. Configuration Management
All source code is maintained in internal source code servers and the tools, Perforce and SVN, are
used as code control. Perforce is used for commercial products and SVN is used for in-development
projects. Release is based on the Change List number, which is auto-generated. Every check-in
process creates a new change list number.
Versions of controlled items include information about each version. For documentation, revision
history inside the document provides the current version of the document. Version control
maintains the all the previous version and the version control system automatically numbers
revisions.
For source code, unique information is associated with each version such that source code
versions can be associated with binary versions of the final product.
11.2. Delivery and Operation
The Crypto module is never released as Source code. The module sources are stored and
maintained at a secure development facility with controlled access.
The development team and the manufacturing factory share a secured internal server for
exchanging binary software images. The factory is also a secure site with strict access control to
the manufacturing facilities. The module binary is installed on the mobile devices (phone and
tablets) using direct binary image installation at the factory. The mobile devices are then delivered
to mobile service operators. Users cannot install or modify the module. The developer also has the
capability to deliver software updates to service operators who in turn can update end-user
phones and tablets using Over-The-Air (OTA) updates. Alternatively, the users may bring their
mobile devices to service stations where authorized operators may use developer-supplied tools to
install software updates on the phone. The developer vets all service providers and establishes
secure communication with them for delivery of tools and software updates. If the binary is
modified by unauthorized entity, the device has a feature to detect the change and thus not
accept the binary modified by an unauthorized entity.