Trusted System Development Methodology (TSDM) Level 2 vs. Common Criteria

Certain draft PKI RFCs and DoD PKI requirements documents refer to the “Trusted System Development Methodology (TSDM) Level 2”, it also goes by other names such as “Trusted Software Development Methodology” and “Trusted Software Methodology”. The actual reference is most likely this:

Department of Defense, Strategic Defense Initiative Organization, “Trusted Software Methodology” Volumes 1 & 2, SDI-S-SD-000007, June 17, 1992.

If so, we’re talking about a relatively “ancient” standard, i.e., TCSEC “Orange Book” Class C2, in comparison to the current requirements of the Common Criteria. One could assert that the products certified with Common Criteria at EAL4+ could meet or exceed the old TSDM requirements.