Security Target
Version 1.1
2022-03-08
36
6.2.8
FDP_SWI_EXT.1
–
PSD Switching; FDP_SWI_EXT.2
–
PSD Switching Methods;
FDP_SWI_EXT.3
–
Tied Switching
The keyboard, mouse, video, and audio ports are always switched together to the same connected
computer using a push button on the front of the device or the wired PSD remote control. As such, the
keyboard and mouse are always switched together and there are no options to switch peripherals
independently from the keyboard and mouse. When the PSD is attached to a 2-Port Secure KVM Switch,
only pushbuttons numbered 1 and 2 will be detected and functional. When the PSD is attached to a 4-
Port Secure KVM Switch, only pushbuttons numbered 1, 2, 3, and 4 will be detected and functional. When
the PSD is attached to an 8-Port Secure KVM Switch, all eight pushbuttons will be detected and functional.
The TOE does not allow switching to be initiated through automatic port scanning, control through a
connected computer, or control through keyboard shortcuts.
6.2.9
TOE Video Security Function
In addition to the Base-PP SFRs and SFRs related to the Video Function described above, the TOE video
input and output features in this section are also implemented in the TOE video subsystem (depending on
the video protocols supported by the model).
The TOE video auxiliary channel (AUX) path blocks information flows other than the minimal set required
to establish the video link. Unauthorized DisplayPort transactions are prevented by disassembling the
DisplayPort AUX channel transactions to block all unauthorized transactions. The TOE video function filters
the AUX channel by converting it to EDID only. DisplayPort video is converted into HDMI video stream.
Monitor’s EDID is, through EDID channel, read, filtered, and sent to Port’s EDID EEPROM for EDID
emulation.
All AUX channel threats are mitigated through the conversion from DisplayPort to HDMI protocols. All
types of traffic not authorized by the referenced PP are blocked by this TOE function, as the emulated
EEPROM would only support valid EDID read requests from connected computers.
6.2.9.1
DP Models
The following TOE models support DP 1.2 video input and output, and one or two displays.
Table 14: DP Models
Configuration
2-Port
4-Port
8-Port
DisplayPort
Single Head
CS1182DP4
CS1184DP4
CS1188DP4
Dual Head
CS1142DP4
CS1144DP4
CS1148DP4
These models accept DisplayPort for the computer video display interface. The TOE will convert the DP
signal to HDMI inside the TOE and then back to DisplayPort for output to the console display(s). The TOE
rejects communication of EDID information from computer to display, as well as CEC, HDCP, and MCCS
communications.
The TOEs video EDID read procedure is activated once during power‐on or reboot in
order to read the connected display EDID information.