What is security robustness?
Security robustness is a qualitative metric determined by security functionality (e.g., encryption, access controls), plus the strength of the implementing mechanism (e.g., 256 bit key length), plus security assurance (achieved through testing, evaluation, etc). The U.S. Government is developing CC Protection Profiles that fall into one of three robustness levels; basic, medium, and high. Protection profiles in development and NIAP validated can be found at the CCEVS web pages.