A supporting tool for creating and maintaining security targets according to ISO/IEC 15408

To acquire the certification according to ISO/IEC 15408 for a target system, it is necessary to create a security target (ST) which specifies security facilities of the system. Creating STs is not an easy task for developers because they do not know how to create STs well, even if they know the security facilities. Meanwhile, STs should be maintained continuously to keep a target system secure. Maintaining STs is not easy as same as creating STs. However, there is no tool to support developers and maintainers to create and maintain STs so far. This paper presents a supporting tool according to ISO/IEC 15408, named ST-Editor. ST-Editor tells users what should be described and how they should be described in STs and provides a helpful and secure editing and maintaining environment of STs.