Commit b83d10d7 authored by Santeri Toikka

Added a TODO list for requirements

parent 8bea1747
+27 −0
@@ -1425,10 +1425,12 @@ Matching tests for these requirements are listed in [6.3.8 High availability tes
| Logging and monitoring mechanisms               | [5.3.5 Logging], [5.3.6 Monitoring]                                                     |
| Secure deletion and data transfer               |                                                                                         |

[5.1 General]: #51-general
[5.1.1 No known exploitable vulnerabilities]: #511-no-known-exploitable-vulnerabilities
[5.1.2 Secure design, development and production]: #512-secure-design-development-and-production
[5.1.3 Product lifecycle management]: #513-product-lifecycle-management
[5.1.4 Product vulneravility management process]: #514-product-vulneravility-management-process
[5.2 Technical security requirements specifications]: #52-technical-security-requirements-specifications
[5.2.1 Secure channel definition]: #521-secure-channel-definition
[5.2.2 Cryptographic key intialization and rotation]: #522-cryptographic-key-intialization-and-rotation
[5.2.3 Network segmentation]: #523-network-segmentation
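Review bot: the reference definitions for 5.1.4 and 5.2.2 in this hunk are misspelled in both the label and the anchor ("vulneravility" in `[5.1.4 Product vulneravility management process]: #514-product-vulneravility-management-process`, "intialization" in the 5.2.2 line). The anchor has to match the heading it points at, so correct the heading, the label and the anchor in one change, and update every place that uses these labels, including the status table rows for 5.1.4 and 5.2.2; fixing only one of them leaves the links unresolved.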
@@ -1447,6 +1449,31 @@ Matching tests for these requirements are listed in [6.3.8 High availability tes
[5.3.7 Data minimization]: #537-data-minimization
[5.3.8 High Availability]: #538-high-availability

> Table mapping status of security requirements in each section. Will be removed form the finalized standard.

| Section                                                                            |  Content status                   |  Tests status                   |
| ---------------------------------------------------------------------------------- | --------------------------------- | ------------------------------- |
| [5.1 General]                                                                      | will be ammended with new content | todo                            |
| [5.1.1 No known exploitable vulnerabilities]                                       | ready for review                  | todo                            |
| [5.1.2 Secure design, development and production]                                  | todo                              | todo                            |
| [5.1.3 Product lifecycle management]                                               | todo                              | todo                            |
| [5.1.4 Product vulneravility management process]                                   | todo                              | todo                            |
| [5.2 Technical security requirements specifications]                               | almost there                      | todo                            |
| [5.2.1 Secure channel definition]                                                  | idea would need refinement        | todo                            |
| [5.2.2 Cryptographic key intialization and rotation]                               | format needs to be changed        | todo                            |
| [5.2.3 Network segmentation]                                                       | idea would need refinement        | todo                            |
| [5.2.4 Appropriate cryptographic libraries]                                        | waits for separate vertical       | todo                            |
| [5.2.5 Software Bill of Materials]                                                 | waits for AMS input               | todo                            |
| [5.2.6 Remote Data Processing Systems]                                             | waits for AMS input               | todo                            |
| [5.3.1 Mitigations for user identity integrity]                                    | waits for AMS input               | todo                            |
| [5.3.2 Mitigations for ingested data integrity and confidentiality]                | ready for review                  | todo                            |
| [5.3.3 Mitigations for managed device configuration integrity and confidentiality] | ready for review                  | todo                            |
| [5.3.4 Secure updates]                                                             | waits for content from Jon        | todo                            |
| [5.3.5 Logging]                                                                    | waits for AMS input               | todo                            |
| [5.3.6 Monitoring]                                                                 | ready for review                  | [6.3.6 Monitoring tests]        |
| [5.3.7 Data minimization]                                                          | todo, coupled with monitoring     | todo                            |
| [5.3.8 High Availability]                                                          | ready for review                  | [6.3.8 High availability tests] |

# Annex B (informative): Relationship between the present document and any related ETSI standards (if any)

> List any related ETSI standards and how they interact with the present document.
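
Review bot: the status table is placed in the body of the standard directly before Annex B, and the only safeguard against it being published is the blockquote saying it will be removed; rows such as "waits for content from Jon" and "waits for AMS input" would then expose a personal name and internal dependencies. Consider tracking this in a separate file or issue, or wrapping the table in a marker that the release build can check for and reject. Within the table: "form" should read "from" in the blockquote and "ammended" should read "amended" in the 5.1 row; the Content status values are free text ("almost there", "idea would need refinement"), where a small fixed set of states would make progress comparable across rows; and 5.1 and 5.2 have parent rows while 5.3 does not.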