Notes on Protocol Implementation Conformance Statements (PICS)
A Protocol Implementation Conformance Statement or, most commonly, PICS is a structured document which asserts which specific requirements are met by a given implementation of a protocol standard. It is often completed as a record of formal protocol conformance test results, and some automated testing systems machine-author a PICS as output. A potential buyer or user of the implementation can consult the PICS to determine if it meets his or her requirements. PICS may be used with Testing and Test Control Notation Version 3 (TTCN-3). ARC-IT includes statements that can be used to build a formal PICS for security controls.
General structure of PICS
Each item is identified by an item reference (ID) in the first column. The second column contains the statement (question to be answered). The remaining columns record the status of each item, i.e., whether support is mandatory, optional, or conditional, and provide references and notes as appropriate. Marking an item as supported is to be interpreted as a statement that all relevant requirements of the subclauses and normative annexes, cited in the References column for the item, are met by the implementation.
A supplier may also provide, or be required to provide, further information, categorized as either Additional Information or Exception Information. When present, each kind of further information is to be provided in a further subclause of items labeled A<I> or X<I>, respectively, for cross-referencing purposes, where <I> is any unambiguous identification for the item (e.g., simply a numeral). There are no other restrictions on its format or presentation.
NOTE - A completed PICS proforma will indicate by attestations akin to a questionnaire, indicating which PICS are met by a given device. The answers to these questions, including any Additional Information and Exception Information, is the PICS for the implementation in question. The PICS statements included in ARC-IT can be used as the basis for such a questionnaire.
NOTE - Where an implementation is capable of being configured in more than one way, a single PICS may be able to describe all such configurations. However, the supplier has the choice of providing more than one PICS, each covering some subset of the implementation's capabilities, if this makes for easier and clearer presentation of the information.
Additional Information
Items of Additional Information allow a supplier to provide further information intended to assist in the interpretation of the PICS. It is not intended or expected that a large quantity of information will be supplied, and a PICS can be considered complete without any such information. Examples of such Additional Information might be an outline of the ways in which an (single) implementation can be set up to operate in a variety of environments and configurations, or information about aspects of the implementation that are outside the scope of this document but have a bearing upon the answers to some items.
Exception Information
It may happen occasionally that a supplier will wish to answer an item with mandatory status (after any conditions have been applied) in a way that conflicts with the indicated requirement. A claim of exception indicates that the requirement is not met, but provides a mechanism for the supplier to explain why.
Conditional Status
The PICS proforma contains a number of conditional items. These are items for which both the applicability of the item itself, and its status if it does apply, mandatory or optional, are dependent upon whether or not certain other items are supported.
A conditional symbol is of the form "<pred>:<S>", where "<pred>" is a predicate as specified below, and "<S>" is one of the status symbols C, M or O.
If the value of the predicate is true, the conditional item is applicable. Otherwise, the conditional item is not relevant.
A predicate is one of the following:
- An item-reference for an item in the PICS proforma: the value of the predicate is true if the item is marked as supported, and is false otherwise.
- A Boolean expression constructed by combining item-references using the boolean operator OR: the value of the predicate is true if one or more of the items is marked as supported, and is false otherwise. For compactness, item-references combined with a comma are considered to be combined with the OR operator.
- An item-reference or combination of item references as described in the previous two bullet points, followed by "<rel> <num>", such that
- The relationship "<rel>" is "<", "=", or ">", indicating "less than", "equal to", or "greater than" <num>.
- The number "<num>" is an integer.
- The predicate is true if the item-reference is true as defined above and the value defined in the item body matches the numeric relationship indicated by "<rel> <num>", and the predicate is false if either the item-reference is not true as defined above or the value defined in the item body does not match the numeric relationship indicated by "<rel> <num>". A status of C<n> indicates a mutual conditionality such that support of one and one only of the items that have the same predicate and status C<n> is mandatory.
A status of O<n> indicates a mutual conditionality such that the feature is optional but that support of at least one of the items that have the same predicate and status O<n> is mandatory.
A status of M indicates that the feature is mandatory.
A status of O indicates that the feature is optional.