Fixed rendering details

| T-RDPS-03 | Unauthorized disclosure of interactions across the RDPS boundary                                        | DA-RDPS-001      |

| T-RDPS-04 | Unavailability, unacceptable delay, or intolerable degradation of interactions across the RDPS boundary | DA-RDPS-002      |

**Table Annex R-3: Threats to Assets mapping**

**Table Annex R-3: Threats ↔ Assets mapping**

## R.4 Security Requirements

| T-RDPS-04 | REQ-RDPS-L-AVAIL-002                | REQ-RDPS-R-AVAIL-002       |

| T-RDPS-04 | REQ-RDPS-L-AVAIL-003                | REQ-RDPS-R-AVAIL-003       |

**Table Annex R-4: Threats to Requirements mapping**

**Table Annex R-4: Threats ↔ Requirements mapping**

## R.5 Conformity assessment

   Fail:

    * the local product side does not detect the relevant failure, delay, or degradation condition; or

    * the required defined behaviour is not applied when such a condition occurs.

6. Assessment evidence

1. Assessment evidence

   The following evidence may be used to support the assessment:

    * design and configuration evidence for detection and timeliness controls;

#### R.5.2.8 Assessment case for REQ-RDPS-R-CONF-002

1. Assessment Reference Requirement: REQ-RDPS-R-CONF-002

1. Assessment objective

2. Assessment objective

   The objective of the assessment is to verify that the RDPS side protects the confidentiality of relevant exchanged data using cryptographic confidentiality protection.

2. Assessment preparation

3. Assessment preparation

   Before starting the assessment, the following shall be identified:

    * the RDPS-dependent product function;

    * the exchanged data requiring confidentiality protection; and

    * the cryptographic confidentiality-protection mechanism used during exchange.

3. Assessment activities

4. Assessment activities

   The assessment shall include the following activities:

    * inspect the design and configuration of the cryptographic confidentiality-protection mechanism;

    * verify that the identified exchanged data is protected by that mechanism during exchange; and

    * verify that exchange of such data without the required cryptographic confidentiality protection is prevented.

4. Assessment verdict

5. Assessment verdict

   Pass:

    * relevant exchanged data is protected using cryptographic confidentiality protection; and

    Fail:

    * the RDPS side exchanges relevant confidential data without cryptographic confidentiality protection; or

    * the configured confidentiality mechanism is not effectively applied to the relevant data exchange.

1. Assessment evidence

6. Assessment evidence

    The following evidence may be used to support the assessment:

    * design and configuration evidence for the cryptographic confidentiality mechanism; and

    * evidence showing protected exchange of the relevant data.

    * confidentiality protection is established with the intended local product-side endpoint;

    * protected data is disclosed only to that intended endpoint; and

    * exchanges with other endpoints do not result in disclosure of the protected data.

   Fail:

    * the RDPS side discloses protected data without establishing confidentiality protection with the intended local product-side endpoint; or

    * the RDPS side discloses the protected data to endpoints other than the intended local product-side endpoint.

   Pass:

    * the RDPS side applies the defined degraded behaviour or secure state under the relevant failure conditions; and

    * recovery support is available and usable where necessary to restore secure operation.

   Fail:

    * the RDPS side does not apply the defined degraded behaviour or secure state under the relevant failure conditions; or

    * required recovery support is absent or ineffective.