fix tables 5.1 (5a9d60c6) · Commits · STAN4CRA / EN 304 621 Network Management Systems

EN-304-621.md

+4 −4

Original line number	Diff line number	Diff line
		@@ -415,7 +415,7 @@ The different risk factors have a set of minimun requirements defined that are l
		In case of overlap in the requirements, a stronger and more secure option shall be selected.

		\| Use case \| SRU \| COM \| EXP \| ACL \|
		\|:---\|:-\|:-\|:-\|:-\|
		\|:-----\|:-\|:-\|:-\|:-\|
		\| [4.4.1.1 IoT network with monitoring data collection] \| SRU-L-0 \| COM-L-0 \| EXP-L-0 \| ACC-L-1 \|
		\| [4.4.1.2 Home network deployment] \| SRU-L-0 \| COM-L-1 \| EXP-L-0 \| ACL-L-2 \|
		\| [4.4.2.1 Office network] \| SRU-L-1 \| COM-L-2 \| EXP-L-0 \| ACL-L-2 \|
		@@ -507,7 +507,7 @@ The following are non-technical requirements, that shall be implemented by all p
		- [REQ-GEN-1]: Manufacturer shall provide in the technical documentation a detailed enough systems architecture design description, that enables national bodies like MSA to evaluate and test the product design.

		\| Requirement \| Assesment \|
		\| --------------- \| ------------------------------------------------------------------------------------------------------------- \|
		\|:-\|:-----\|
		\| [REQ-GEN-0] \| Technical documentation exists, is available for national MSAs and has product related risk factors declared. \|
		\| [REQ-GEN-1] \| National MSAs are able to validate the system design comformity without a deployment. \|

		@@ -518,7 +518,7 @@ Depending on the chosen delivery method the maintenance of the OS can be with th
		Note that a container has always an operating system.

		\| Requirement \| Objective \|
		\| ------------------- \| --------------------------------------------------------------------------------------------------------- \|
		\|:-\|:-----\|
		\| [REQ-EXPLOIT-0] \| NMS dependencies to Operating System essential security capabilities are documented. \|
		\| [REQ-EXPLOIT-1] \| Disclosure of new vulnerabilities in the operating system and its dependencies are proactively monitored. \|
		\| [REQ-EXPLOIT-2] \| Instructions how to handle the Operating System upgrades are provided. \|
		@@ -529,7 +529,7 @@ Modern software design can rarely ignore impact of the changes to other componen
		More about [High Availability](#53x-high-availability) in its dedicated chapter.

		\| Requirement \| Objective \|
		\| ------------------- \| --------------------------------------------------------------------------------------------------------------------- \|
		\|:-\|:-----\|
		\| [REQ-EXPLOIT-4] \| PwDE is free of known vulnerabilities at the time it is placed on the market. \|
		\| [REQ-EXPLOIT-5] \| Disclosure of new vulnerabilities in the application dependencies are proactively monitored. \|
		\| [REQ-EXPLOIT-6] \| Application design makes it possible to upgrade the OS while keeping the set High Availability targets. \|

Original line number	Diff line number	Diff line
		@@ -415,7 +415,7 @@ The different risk factors have a set of minimun requirements defined that are l
		In case of overlap in the requirements, a stronger and more secure option shall be selected.

		\| Use case \| SRU \| COM \| EXP \| ACL \|
		\|:---\|:-\|:-\|:-\|:-\|
		\|:-----\|:-\|:-\|:-\|:-\|
		\| [4.4.1.1 IoT network with monitoring data collection] \| SRU-L-0 \| COM-L-0 \| EXP-L-0 \| ACC-L-1 \|
		\| [4.4.1.2 Home network deployment] \| SRU-L-0 \| COM-L-1 \| EXP-L-0 \| ACL-L-2 \|
		\| [4.4.2.1 Office network] \| SRU-L-1 \| COM-L-2 \| EXP-L-0 \| ACL-L-2 \|
		@@ -507,7 +507,7 @@ The following are non-technical requirements, that shall be implemented by all p
		- [REQ-GEN-1]: Manufacturer shall provide in the technical documentation a detailed enough systems architecture design description, that enables national bodies like MSA to evaluate and test the product design.

		\| Requirement \| Assesment \|
		\| --------------- \| ------------------------------------------------------------------------------------------------------------- \|
		\|:-\|:-----\|
		\| [REQ-GEN-0] \| Technical documentation exists, is available for national MSAs and has product related risk factors declared. \|
		\| [REQ-GEN-1] \| National MSAs are able to validate the system design comformity without a deployment. \|

		@@ -518,7 +518,7 @@ Depending on the chosen delivery method the maintenance of the OS can be with th
		Note that a container has always an operating system.

		\| Requirement \| Objective \|
		\| ------------------- \| --------------------------------------------------------------------------------------------------------- \|
		\|:-\|:-----\|
		\| [REQ-EXPLOIT-0] \| NMS dependencies to Operating System essential security capabilities are documented. \|
		\| [REQ-EXPLOIT-1] \| Disclosure of new vulnerabilities in the operating system and its dependencies are proactively monitored. \|
		\| [REQ-EXPLOIT-2] \| Instructions how to handle the Operating System upgrades are provided. \|
		@@ -529,7 +529,7 @@ Modern software design can rarely ignore impact of the changes to other componen
		More about [High Availability](#53x-high-availability) in its dedicated chapter.

		\| Requirement \| Objective \|
		\| ------------------- \| --------------------------------------------------------------------------------------------------------------------- \|
		\|:-\|:-----\|
		\| [REQ-EXPLOIT-4] \| PwDE is free of known vulnerabilities at the time it is placed on the market. \|
		\| [REQ-EXPLOIT-5] \| Disclosure of new vulnerabilities in the application dependencies are proactively monitored. \|
		\| [REQ-EXPLOIT-6] \| Application design makes it possible to upgrade the OS while keeping the set High Availability targets. \|