ABSTRACT
This chapter explains how to express security requirements through the instrument of a Protection Profile (PP) using the Common Criteria (CC) standardized methodology, syntax, and notation. The required content and format of a PP are discussed section by section. The perspective from which to read and interpret PPs is defined. In addition, the purpose, scope, and development of a PP are mapped to both a generic system lifecycle and a generic procurement sequence.
