Commit f437eb2c authored by Santeri Toikka's avatar Santeri Toikka
Browse files

Cleaned a shall from chapter 4

Closes #384
parent 3bbab4c9
Loading
Loading
Loading
Loading
+3 −2
Original line number Diff line number Diff line
@@ -226,7 +226,7 @@ The table below is an example, how the example use cases could be mapped to diff
The To Be Defined (TBD) represent manufacturer design choices and what market the product is intended to be used in.
The product can be targeted to an audience, where the given risk factor evaluation is different.
For example the [4.4.2.1 Office network] evaluation table could be expanded to all existing combinations of low, medium, and high, in the risk factors that has TBD in place.
When the same product is provided to multiple different markets, highest risk factor shall be used.
When the same product is provided to multiple different markets, highest risk factor selection appears as an appropriate selection.

[4.4.1.1 IoT network with monitoring data collection]: #4411-iot-network-with-monitoring-data-collection
[4.4.1.2 Home network deployment]: #4412-home-network-deployment
@@ -237,7 +237,8 @@ When the same product is provided to multiple different markets, highest risk fa

In the present context a security profile is the identification and mapping of assets, threats, resulting risks, and mitigating objectives that are furthermore covered by security requirements. The mapping thereby ensures that all identified threats are repelled or mitigated.

All products with digital elements have a common set of requirements which is essential to be addressed regardless of the system design or of the intended market. These essential security requirements are defined in the CRA [\[i.1\]](#_ref_i.1). The present document tries also to identify risk factors that are not obvious in all scenarios.
All products with digital elements have a common set of requirements which is essential to be addressed regardless of the system design or of the intended market.
 These essential security requirements are defined in the CRA [\[i.1\]](#_ref_i.1). The present document tries also to identify risk factors that are not obvious in all scenarios.

## 4.7 Essential functions