The component definition model or component definition defines the different components of a component. Each component can be called a component, but they are usually not. In component definition, one component is called an ancestor if it is derived from another component. The inheritance relationship between component definitions in component definition models is the basis of component definitions. Components are typically classified as abstract or concrete. When it comes to concrete components, they can be either interface or abstract.
As mentioned above, component definition models are designed to associate the different components with their respective inputs and corresponding outputs. This process of component definition modeling is implemented in the FIP 140-2 Validating Software Environment. It validates component input/output calls by performing quality assurance analysis and calls for validation data to be stored and referenced in component definition databases. To do this, the software uses a combination of statistical methodologies, database optimization, and validation information. The FIP also validates component definition states, component type, component interface, component validation information, component interface constraints, and component state transition assumptions.
In general, component definition documents are utilized to define component interfaces for components within a system. Components are then connected together according to the defined component definition documents. System security plans can also be implemented using component definition documents. Component interface designs are used to specify the relationships among components within a system. It is often necessary to validate component definitions in order to ensure that component interfaces match with those defined in system security plans.
The component definition model in a system security plan will identify the component interface constraints, component definition states, component definition transition assumptions, and validation information. The purpose of component references in the system security plan is to allow systems to reuse components and/or interface controls when components have been moved between environments. Components must be defined in component definition models in order to satisfy ICD-IDs and other requirements. In addition, component reference models should allow for the use of generic component references for components that do not identify system security attributes directly. To support component reuse, component definition models should describe component relationships and constraints as well.
System security plans may also define an interface for component operations that may include a component directory or a component mapping. In general, component directories provide information about component definition keys and component references for a component. Component maps allow systems to select component instances for a given program. It should be noted that a component definition model should list all component subcomponents and their associated references.
When defining component relationships and component definition mappings, it is important to describe relationships among component components as well. For example, a component definition model for a device driver should identify the device’s logical names and relationships between those component logical names and their component definition counterparts. It is also important to ensure that all component definitions are unique in terms of entity component pointer names and component functions. This is especially important when designing a component definition model for an entity-specific component like an image component or sound component. It is also advisable to document component relationships that are specific to each component.
A component definition model for a component should describe component functions that are known to a component’s users. A component reference should identify component functions that users should not be allowed to execute directly. The component definition model should also document component usage restrictions for users and allow those user roles to have access to restricted component functions. Components that are used by non- privileged users should also be identified and documented so that the component usage can be controlled.
In general, component definition models should allow components to be updated or deleted as required without affecting other components. Components should be added to or deleted from component definition entities so that updates to these entities do not affect other entities. Components should be specified as optional component references to avoid having components rely on one component to satisfy all component references. Components should be specified in an explicit and consistent manner to make it easier for component definition model authors to update component reference information. In addition, components should be specified in an easy to use manner so that component definition model authors can update component references without requiring an introduction to any programming language.