@@ -154,6 +154,8 @@ The present document describes how to demonstrate the compliance of operating sy
## 1.2 Products in scope
### 1.2.1 General
Products in scope are products whose core function and intended or reasonably foreseeable use or misuse is as an operating system. Operating systems include software products with digital elements that provide an abstract interface of the underlying hardware and control the execution of software, and that may provide services such as computing resource management and configuration, scheduling, input-output control, managing data, and providing an interface through which applications interact with system resources and peripherals. The underlying hardware may be virtualized to some degree, as when an operating system is running on a hypervisor.
This category includes but is not limited to:
@@ -169,7 +171,7 @@ This category includes but is not limited to:
Many products contain multiple operating systems which can affect the security functions of other operating system(s) in the product. For example, a Baseboard Management Controllers (BMC) contains an operating system that can manage most or all of the hardware managed by the main system operating system. Radiofrequency transmission devices often have an embedded real-time operating system and the ability to read or write to system memory or trigger interrupts.
### 1.2.1 Elements of operating systems that are in scope
### 1.2.2 Elements of operating systems that are in scope
The scope is limited to the security-relevant parts of the operating system. This includes any element capable of modifying elements that control the security of the system, as well as elements that provide security functionality.
