Unverified Commit 21ad8a0e authored by Aki Braun's avatar Aki Braun
Browse files

Fix typos and malformed markup

parent 5fa7670a

EN-304-620.md

+17 −17
Original line number Diff line number Diff line
@@ -132,15 +132,15 @@ The following types of products have reduced or varied requirements under Regula 


The following referenced documents are necessary for the application of the present document.



<span id="_ref_1"></span><a name="_ref_1">[1]</a>CEN EN 40000-1-2 (2025): "Cybersecurity requirements for products with digital elements — General principles for cyber resilience"

<span id="_ref_1">[1]</span> CEN EN 40000-1-2 (2025): "Cybersecurity requirements for products with digital elements — General principles for cyber resilience"



<span id="_ref_2"><a name="_ref_2">[2]</a>CEN EN 40000-1-3 (2025): "Cybersecurity requirements for products with digital elements – Vulnerability Handling"

<span id="_ref_2">[2]</span> CEN EN 40000-1-3 (2025): "Cybersecurity requirements for products with digital elements – Vulnerability Handling"



<span id="_ref_3"><a name="_ref_3">[3]</a>EUCC (v2) "EUCC Guidelines Cryptography v2". [https://certification.enisa.europa.eu/publications/eucc-guidelines-cryptography_en](https://certification.enisa.europa.eu/publications/eucc-guidelines-cryptography_en)

<span id="_ref_3">[3]</span> EUCC (v2) "EUCC Guidelines Cryptography v2". [https://certification.enisa.europa.eu/publications/eucc-guidelines-cryptography_en](https://certification.enisa.europa.eu/publications/eucc-guidelines-cryptography_en)



<span id="_ref_4"><a name="_ref_4">[4]</a>CEN TK (TK): Vocabulary document from CEN-CENELEC JTC13 WG9

<span id="_ref_4">[4]</span> CEN TK (TK): Vocabulary document from CEN-CENELEC JTC13 WG9



<span id="_ref_5"><a name="_ref_5">[5]</a>ETSI TK (TK): Shared vocabulary document from ETSI TC CYBER WG EUSR

<span id="_ref_5">[5]</span> ETSI TK (TK): Shared vocabulary document from ETSI TC CYBER WG EUSR



[EDRs](https://portal.etsi.org/Services/editHelp!/Howtostart/ETSIDraftingRules.aspx)

[ETSI docbox](https://docbox.etsi.org/Reference/)
@@ -153,25 +153,25 @@ References are either specific (identified by date of publication and/or edition 


The following referenced documents may be useful in implementing an ETSI deliverable or add to the reader's understanding but are not required for conformance to the present document.



<span id="_ref_i.1"></span><a name="_ref_i.1">[i.1]</a>Regulation (EU) 2024/2847 of the European Parliament and of the Council of 23 October 2024 on horizontal cybersecurity requirements for products with digital elements and amending Regulations (EU) No 168/2013 and (EU) 2019/1020 and Directive (EU) 2020/1828 (Cyber Resilience Act) [https://eur-lex.europa.eu/eli/reg/2024/2847/oj/eng>]

<span id="_ref_i.1">[i.1]</span> Regulation (EU) 2024/2847 of the European Parliament and of the Council of 23 October 2024 on horizontal cybersecurity requirements for products with digital elements and amending Regulations (EU) No 168/2013 and (EU) 2019/1020 and Directive (EU) 2020/1828 (Cyber Resilience Act) [https://eur-lex.europa.eu/eli/reg/2024/2847/oj/eng>]



<span id="_ref_i.2"><a name="_ref_i.2">[i.2]</a>Commission Implementing Regulation (EU) 2025/2392 of 28 November 2025 on the technical description of the categories of important and critical products with digital elements pursuant to Regulation (EU) 2024/2847 of the European Parliament and of the Council. [https://eur-lex.europa.eu/eli/reg_impl/2025/2392/oj]

<span id="_ref_i.2">[i.2]</span> Commission Implementing Regulation (EU) 2025/2392 of 28 November 2025 on the technical description of the categories of important and critical products with digital elements pursuant to Regulation (EU) 2024/2847 of the European Parliament and of the Council. [https://eur-lex.europa.eu/eli/reg_impl/2025/2392/oj]



<span id="_ref_i.3"><a name="_ref_i.3">[i.3]</a>C(2025)618 – Standardisation request M/606: Commission Implementing decision of 3.2.2025 on a standardisation request to the European Committee for Standardisation (CEN), the European Committee for Electrotechnical Standardisation (CENELEC) and the European Telecommunications Standards Institute (ETSI) as regards products with digital elements in support of Regulation (EU) 2024/2847 of the European Parliament and of the Council of 23 October 2024 on horizontal cybersecurity requirements for products with digital elements and amending Regulations (EU) No 168/2013 and (EU) 2019/1020 and Directive (EU) 2020/1828 (Cyber Resilience Act). <https://ec.europa.eu/transparency/documents-register/detail?ref=C(2025)618&lang=en>

<span id="_ref_i.3">[i.3]</span> C(2025)618 – Standardisation request M/606: Commission Implementing decision of 3.2.2025 on a standardisation request to the European Committee for Standardisation (CEN), the European Committee for Electrotechnical Standardisation (CENELEC) and the European Telecommunications Standards Institute (ETSI) as regards products with digital elements in support of Regulation (EU) 2024/2847 of the European Parliament and of the Council of 23 October 2024 on horizontal cybersecurity requirements for products with digital elements and amending Regulations (EU) No 168/2013 and (EU) 2019/1020 and Directive (EU) 2020/1828 (Cyber Resilience Act). <https://ec.europa.eu/transparency/documents-register/detail?ref=C(2025)618&lang=en>



<span id="_ref_i.4"><a name="_ref_i.4">[i.4]</a>Commission Recommendation of 6 May 2003 concerning the definition of micro, small and medium-sized enterprises (Text with EEA relevance) (notified under document number C(2003) 1422). <https://eur-lex.europa.eu/eli/reco/2003/361/oj/eng>

<span id="_ref_i.4">[i.4]</span> Commission Recommendation of 6 May 2003 concerning the definition of micro, small and medium-sized enterprises (Text with EEA relevance) (notified under document number C(2003) 1422). <https://eur-lex.europa.eu/eli/reco/2003/361/oj/eng>



<span id="_ref_i.5"><a name="_ref_i.5">[i.5]</a>Regulation (EU) 2019/881 of the European Parliament and of the Council of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification and repealing Regulation (EU) No 526/2013 (Cybersecurity Act). <https://eur-lex.europa.eu/eli/reg/2019/881>

<span id="_ref_i.5">[i.5]</span> Regulation (EU) 2019/881 of the European Parliament and of the Council of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification and repealing Regulation (EU) No 526/2013 (Cybersecurity Act). <https://eur-lex.europa.eu/eli/reg/2019/881>



<span id="_ref_i.6"><a name="_ref_i.6">[i.6]</a>ETSI EN 303 645 (v3.1.3 2024-09): "Cyber Security for Consumer Internet of Things: Baseline Requirements". <https://www.etsi.org/deliver/etsi_en/303600_303699/303645/03.01.03_60/en_303645v030103p.pdf>

<span id="_ref_i.6">[i.6]</span> ETSI EN 303 645 (v3.1.3 2024-09): "Cyber Security for Consumer Internet of Things: Baseline Requirements". <https://www.etsi.org/deliver/etsi_en/303600_303699/303645/03.01.03_60/en_303645v030103p.pdf>



<span id="_ref_i.7"><a name="_ref_i.7">[i.7]</a>ETSI TC 103 701 (v2.1.1 2025-05) "Cyber Security for Consumer Internet of Things: Conformance Assessment of Baseline Requirements". <https://www.etsi.org/deliver/etsi_ts/103700_103799/103701/02.01.01_60/ts_103701v020101p.pdf>

<span id="_ref_i.7">[i.7]</span> ETSI TC 103 701 (v2.1.1 2025-05) "Cyber Security for Consumer Internet of Things: Conformance Assessment of Baseline Requirements". <https://www.etsi.org/deliver/etsi_ts/103700_103799/103701/02.01.01_60/ts_103701v020101p.pdf>



<span id="_ref_i.8"><a name="_ref_i.8">[i.8]</a>CEN-CENELEC 18031 series (2024): "Common security requirements for radio equipment".

<span id="_ref_i.8">[i.8]</span> CEN-CENELEC 18031 series (2024): "Common security requirements for radio equipment".



<span id="_ref_i.9"><a name="_ref_i.9">[i.9]</a>IEEE-ITSO 6100 (1.0.0): "Uptane Standard for Design and Implementation". <https://uptane.org/papers/ieee-isto-6100.1.0.0.uptane-standard.html>

<span id="_ref_i.9">[i.9]</span> IEEE-ITSO 6100 (1.0.0): "Uptane Standard for Design and Implementation". <https://uptane.org/papers/ieee-isto-6100.1.0.0.uptane-standard.html>



<span id="_ref_i.10"><a name="_ref_i.10">[10]</a>ITU-T x.509: "Public-key and attribute certificate frameworks". <https://www.itu.int/rec/T-REC-X.509/en>

<span id="_ref_i.10">[10]</span> ITU-T x.509: "Public-key and attribute certificate frameworks". <https://www.itu.int/rec/T-REC-X.509/en>



[References]: https://portal.etsi.org/Portals/0/TBpages/edithelp/Docs/News_from_editHelp/References_in_ETSI_deliverables.pdf
@@ -1194,7 +1194,7 @@ Security profiles are an informative resource to the assessor. Each security pro 


### C.6.2 Mapping of security profiles to risk factors



**Table C.6.2-1: MApping of security profiles to risk factors**

**Table C.6.2-1: Mapping of security profiles to risk factors**



| Security Profile | Description                 | CFG | AUT | DAT | FUN | ADM | RDP | DNC | COM | CON | PII |

|------------------|-----------------------------|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|
@@ -1228,7 +1228,7 @@ This clause describes the methodology followed in the current text. 


## D.2 Mapping of risks to requirements



**Table D.2-1: Mapping of risks to reqquirements**

**Table D.2-1: Mapping of risks to requirements**



| Threat | Requirements                                                |

|--------|-------------------------------------------------------------|