@@ -351,14 +351,14 @@ A final category for SIEM systems that may instead represent a set of use cases
- MSSP remote service for other use cases
### 4.4.1 On premises SIEM system
### 4.4.1 Self-hosted SIEM system
-**UC-OP-1**On Premises SIEM system
-**UC-OP-1**Self-hosted SIEM system
- All hardware and software for SIEM system owned and operated by consumer.
- Consumer manages and operates all aspects of SIEM system.
-**UC-OP-2**On Premises MSSP system
-**UC-OP-2**Self-hosted MSSP system with external functions
- Hardware and software on customer premises, but some elements are remote or operted by remote MSSP
- Consumer may delegate some SIEM functions to MSSP.
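Review bot: the use-case identifiers stay UC-OP-1 and UC-OP-2 after the rename from "On premises" to "Self-hosted", and the UC-OP-2 description still reads "Hardware and software on customer premises", so the old term survives in both the IDs and the body text. Either state that the OP prefix is kept on purpose for stable references, or rename the IDs and update every cross-reference in the same change, and reword the description to match the new heading. While these lines are open, add the missing space after the bold identifier (`**UC-OP-1** Self-hosted SIEM system`), fix "operted", and settle on one of "consumer" and "customer".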
@@ -565,8 +565,8 @@ Security functions a SIEM product may provide to other components of the system
## 5.1 General
**[REQ-1]**: Manufacturer shall declare in the technical documentation with what [Risk factors](#45-risk-factors) the product with digital elements shall be evaluated.
**[REQ-2]**: Manufacturer shall provide in the technical documentation a detailed enough systems architecture design description, that enables national bodies like MSA to evaluate and test the product design.
-**[REQ-1]**: Manufacturer shall declare in the technical documentation with what [Risk factors](#45-risk-factors) the product with digital elements shall be evaluated.
-**[REQ-2]**: Manufacturer shall provide in the technical documentation a detailed enough systems architecture design description, that enables national bodies like MSA to evaluate and test the product design.
<mark>Note</mark>: We may be removing this requirement as it is required as part of CRA requirements and outside of the standard's scope. Manufacturers must do this anyway?
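Review bot: the note following REQ-1 and REQ-2 says "this requirement" without naming which of the two it refers to, and it ends in an open question ("Manufacturers must do this anyway?") that would ship inside a normative section. Name the requirement ID in the note and either resolve the question before merge or move it to a tracked issue. REQ-2 also gives an assessor no criterion for "detailed enough"; consider listing the minimum content the architecture description has to contain, and expand MSA on first use.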
@@ -684,7 +684,7 @@ As distruptions in the services are not uncommon, it is important for product ar
Collected data can be a central asset for the product business idea.
It can be any information that can be digitally transferred to another location.
To fullfill the CRA requirement for data minimization, the contents of the transferred data is important to understand in detail. ([REQ-RDPS-0] [REQ-RDPS-1] [REQ-RDPS-2])
To fullfill the CRA requirement for data minimization, the contents of the transferred data is important to understand in detail. ([REQ-RDPS-1] [REQ-RDPS-2] [REQ-RDPS-3])
Significant change in the stored data is a significant change in the product, and thus trickers a new evaluation.
The CRA [\[i.1\]](#_ref_i.1) Article 3(2) defines that an RDPS is under the responsibility of the manufacturer. Therefore, if the product default configuration is overwritten with local amendments by the user of the product, it is important that the similar protection can be achieved as described in this section. [REQ-RDPS-4]
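Review bot: the citation in the data-minimization sentence shifts from [REQ-RDPS-0] through [REQ-RDPS-2] to [REQ-RDPS-1] through [REQ-RDPS-3], but the [REQ-RDPS-4] reference two lines below is unchanged, so it is not clear from this hunk whether the whole series was renumbered or only this citation. Confirm that the requirement definitions and every other reference to the REQ-RDPS series moved in the same change, and that REQ-RDPS-3 and REQ-RDPS-4 still point at the text intended here. The surrounding lines also need a pass: "fullfill", "trickers", "the contents ... is", and "Significant change in the stored data" has no stated threshold for what triggers a new evaluation.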
@@ -729,6 +729,17 @@ This section shall have:
-**[REQ-UPDATES-1]** Verify integrity of the upddate before installation (hash checks).
-**[REQ-UPDATES-2]** Use secure channels for update delivery (e.g., TLS).
### 5.3.5 Logging
> Placholder. Will be transfered over from NMS when available.
### 5.3.6 Monitoring
> Placholder. Will be transfered over from NMS when available.
### 5.3.7 Data minimization
> Placholder. Will be transfered over from NMS when available.
### 5.3.8 High Availability
> Placholder. Will be transfered over from NMS when available.
# Annex A (informative): Mapping between the present document and CRA requirements
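Review bot: sections 5.3.5 through 5.3.8 are added as headings with only a placeholder blockquote, so the requirements clause gains four numbered subsections that carry no REQ identifiers and depend on "NMS", which is not expanded or linked in these lines. Reference the source document and a tracking issue in each placeholder so the gap is visible to readers of a draft, and fix the repeated "Placholder" and "transfered". Heading case is inconsistent between "Data minimization" and "High Availability". In the context lines, "upddate" in REQ-UPDATES-1 should be corrected, and it is worth stating there whether the hash used for the integrity check is itself authenticated, since a hash delivered alongside the update only detects accidental corruption.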