英语翻译2（计算机类）拒绝在线翻译The CC has seven levels of assurance: EAL1: Functionally Tested; EAL2: Structurally Tested; EAL3: Methodically Tested and Checked; EAL4: Methodically designed, Tested, and Revised; EAL5: Semiformally D

英语翻译2（计算机类）拒绝在线翻译The CC has seven levels of assurance: EAL1: Functionally Tested; EAL2: Structurally Tested; EAL3: Methodically Tested and Checked; EAL4: Methodically designed, Tested, and Revised; EAL5: Semiformally D
英语翻译2（计算机类）拒绝在线翻译
The CC has seven levels of assurance: EAL1: Functionally Tested; EAL2: Structurally Tested; EAL3: Methodically Tested and Checked; EAL4: Methodically designed, Tested, and Revised; EAL5: Semiformally Designed and Tested; EAL6: Semiformally Verified Design and Tested; and EAL7: Formally Verified Design and Tested. Nevertheless, the level of trust of various methodologies is a qualitative indicator by nature. There are no mathematical formulas to be applied to obtain the level of trust as a value of such an indicator. The evaluation process is highly qualitative as well because all the evaluation evidence, evaluator’s qualification and experience, and evaluation methods are often difficult to quantify.
Second, security metrics are often subjective rather than objective. The Delphi technique, for instance, measure a system security risk by collecting and comparing subjective opinions of individual members of a working group. Each member of the group writes down his or her opinion of a certain security risk on a piece of paper and turns it into the team that is performing the risk analysis. The results are compiled and distributed to the group members who then write down their comments anonymously and return them back to the analysis group. The comments are compiled and redistributed for more comments until a consensus is formed. This method obtains a security metric mainly based on individual’s subjective opinions or experience, and reaches a final conclusion by consensus.
Third, metrics are often defined without a formal model as an underlined support. Security requirements are defined based on a security model. Security metrics are obtained by either static analysis or dynamic testing based on specific security requirements and evidence of assurance. However, the security model is not well established yet in security research and practice in general, though a number of security models do exist, as summarized in [LAND 81]. Finite state machine (FSM) model is commonly used in the literature to describe security models. The state of a system is the collection of the current values of all memory locations, all secondary storage, and all registers and other components of the system. Let P be the set of all the states of a system, Q ζ P, and Q consists of safe states of the system. So when the system state is in Q, the system is secure. A security metric is to indicate quantitatively how often the system state is in Q. Due to the complexity of the information systems, the state explosion problem, as well understood in computer science, prohibits the usage of FSM as a practical security model without further abstraction and modification. .
6月25日15点之前被采纳的答案追加50分悬赏！

英语翻译2（计算机类）拒绝在线翻译The CC has seven levels of assurance: EAL1: Functionally Tested; EAL2: Structurally Tested; EAL3: Methodically Tested and Checked; EAL4: Methodically designed, Tested, and Revised; EAL5: Semiformally D
消委会有七个层次的保证：EAL1：功能测试,提出了EAL2：从结构测试; EAL3：有条不紊地测试和检查; EAL4级别：有条不紊地设计,测试和修改; EAL5级别：Semiformally设计和测试; EAL6：Semiformally验证的设计与测试;与EAL7：正式验证的设计和测试.然而,各种方法的信任程度是定性指标.有没有适用于获得信任的这样一个指标值水平的数学公式.因为所有的证据,评估者的资格和经验,评价方法往往难以量化.其次,安全指标往往是主观的,而不是目的.德尔菲法为例,通过收集和比较,衡量一个工作组的个别成员的主观意见的系统安全风险.每个组的成员写下他或她就在一张纸上一定安全风险的意见,并变成团队正在执行它的风险分析.结果是编制,并分发给小组成员,谁匿名写下他们的意见,并将他们带回的分析组.这些评论是编制和更多的评论再分配,直到形成共识.这种方法获得一个安全指标,主要基于个人经验的主观意见,或经协商一致,达到一个最终的结论.三,指标往往是没有一个正式的模型定义为一个带下划线的支持.安全要求的基础上定义一个安全模型.安全性指标之一,得到了静态分析和动态测试的基础上具体的安全要求和保证的证据.但是,安全模式还没有很好地建立在安全的研究与实践的一般,虽然数目的安全模式确实存在,如[土地81]总结.有限状态机（FSM）模型是在文献中普遍采用的安全模型来描述.一个系统的状态,是所有内存位置当前值的集合,所有的二级存储,所有寄存器和系统的其他组件.设P是所有的系统状态集,QζP和Q组成的系统的安全状态.因此,当系统状态在Q是,该系统是安全的.一个安全定量指标是表明系统的状态如何经常在问：由于是对信息系统,状态爆炸问题,并在计算机科学的理解,复杂性,禁止作为一种实用的安全模型,不再使用抽象的密克罗尼西亚和修改..