Commit f8aa68bc authored by Valerie Aurora

Add detailed secure update requirements and explanation

parent a1fbff6d
+2 −2
@@ -716,7 +716,7 @@ Attacker may use known exploitable vulnerabilities in the product implementation
| max(DAT, FUN, COM) > 0 | High   | SP-2, SP-3, SP-4  |
| all others             | Medium | SP-1              |

Requirements that mitigate this threat: NKEV, SSDD, NPII, LOGG, VULH
Requirements that mitigate this threat: NKEV, SSDD, SCUD, NPII, LOGG, VULH

All mitigations from TH-UEVU apply (using that requirement's risk formula), in addition to:
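Review bot: SCUD, added to the "Requirements that mitigate this threat" line, does not appear in any other visible line of this change, and every other identifier introduced here uses the SU prefix (SUCS, SUAU, SUVH and so on). Please confirm that SCUD is defined in the requirements clause under exactly that name, or add its definition in the same commit so the cross-reference resolves for reviewers.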

@@ -724,7 +724,7 @@ Mitigations for Likelihood:

* Medium to Low: (KEVD or KEVA), (KEVM or KEVT or SCAN), (SUVP or SUAP or SUOE or SUAO), VULH

* High to Low: KEVD, KEVA, (KEVM or KEVT or SCAN), (SUAP or SUAO), VULH
* High to Low: KEVD, KEVA, (KEVM or KEVT or SCAN), (SUAP or SUAO), SUCS, SUAU, SUVH, SURP, SURC, SUSR, SUMV, SUED, VULH

### C.4.5 TH-UEAC: Unauthorized endpoint access
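Review bot: The "Medium to Low" line is left unchanged at (SUVP or SUAP or SUOE or SUAO), so at that level an update mechanism is required but signature verification (SUCS, 5.2.4.7 in this commit) is not, while "High to Low" now demands all eight new SU mitigations. If that asymmetry is intended, a sentence of rationale next to the two lines would help; if not, consider adding at least SUCS to the Medium to Low line. It is also worth stating whether the eight new items on the High to Low line are all mandatory, since the older items on the same line use explicit "(A or B)" grouping and the new ones do not.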

+10 −0
@@ -243,6 +243,8 @@ The technical documentation provided with the product shall document that the op

#### 5.2.4.7 MI-SUCS: Updates are signed and verified before installation

**Editor's note:*** The following secure update requirements are generic to all secure updates and should likely be in a separate standard, but we have placed them directly in this standard for comment and review.

Updates for the product are cryptographically signed. The product shall verify the embedded signature before installation in order to mitigate the installation of tampered and/or modified updates.

  * Applicability: Product expected use is long enough to require updates
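Review bot: The emphasis markers on the new editor's note are unbalanced: it opens with two asterisks and closes with three ("**Editor's note:***"), which will render a stray asterisk or break the bold; use "**Editor's note:**". The note also refers to "the following secure update requirements" in the plural, but it sits inside the MI-SUCS clause, between the 5.2.4.7 heading and that clause's own requirement text. Consider moving it above the heading of the first secure update mitigation so it clearly applies to the whole group rather than reading as part of MI-SUCS.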
@@ -1218,6 +1220,14 @@ This clause lists all the mitigations necessary to meet requirements for each se
  1. ROUT-3
  1. SCFS
  1. SSCA
  1. SUCS
  1. SUAU
  1. SUVH
  1. SURP
  1. SURC
  1. SUSR
  1. SUMV
  1. SUED
  1. TRAF-1
  1. VULH
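Review bot: The eight added entries (SUCS, SUAU, SUVH, SURP, SURC, SUSR, SUMV, SUED) are not in alphabetical order, while the surrounding entries (ROUT-3, SCFS, SSCA, then TRAF-1, VULH) are. Either sort the new block or note that it follows clause order, so later additions stay consistent. Of these eight, only SUCS has its clause visible in this diff (5.2.4.7); please confirm that the other seven are already defined under these exact identifiers, since this list and the TH risk table now both depend on them.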