Annex A (333c4270) · Commits · STAN4CRA / EN 304 624 Public key infrastructure and digital certificate issuance software

EN-304-624.md

+15 −13

Original line number	Diff line number	Diff line
		@@ -1963,19 +1963,21 @@ b) verify the OCSP response to match the constraints of the OCSP response profil
		\| No \| Description \| Clause(s) of the present document \| U/C \| Condition \|
		\|---------\|-------------------------------------------------------------------------------------------------\|-------------------------------------------------------\|-----\|------------------------------------------------\|
		\| (1) \| Products with digital elements shall be designed, developed and produced in such a way that they ensure an appropriate level of cybersecurity based on the risks. \| Annex C \|\|\|
		\| (2)(a) \| It shall be made available on the market without known exploitable vulnerabilities. \|6.1\|\|\|
		\| (2)(b) \| be made available on the market with a secure by default configuration, unless otherwise agreed between manufacturer and business user in relation to a tailor-made product with digital elements, including the possibility to reset the product to its original state;\|5\|\|\|
		\| (2)(c) \| Vulnerabilities can be addressed via security updates, default to automatic, with opt-out and postponement \| 6.1\|\|\|
		\| (2)(d) \| Protection from unauthorised access via authentication and access control \| 5.1, 5.3, 6.2 & 6.3\|\|\|
		\| (2)(e) \| Confidentiality of data in storage or transit (e.g., encryption) \| 5.2\| \| \|
		\| (2)(f) \| Integrity of data, commands, programs, configuration; detect/report manipulation \| REQ-5.2-03, REQ-5.3-01, REQ-5.3-02, REQ-5.3-04, REQ-5.3-05, REQ-5.3-06 \| \| \|
		\| (2)(g) \| Data minimisation — only adequate and necessary data shall be processed \| REQ-5.3-01, REQ-5.3-02, REQ-5.3-03, REQ-5.3-04, REQ-5.4-01, REQ-5.4-02 \| \| \|
		\| (2)(h) \| Ensure availability of essential functions including resilience and DoS protection \| REQ-5.1-04, REQ-5.1-05, REQ-5.1-06 \| \| \|
		\| (2)(i) \| Avoid degradation of other systems’ availability (non-interference) \| \| \| \|
		\| (2)(j) \| Limit attack surfaces including external interfaces \| REQ-5.3-07, REQ-5.3-08, REQ-5.4-01, REQ-5.4-02 \| \| \|
		\| (2)(k) \| Include appropriate exploitation mitigation techniques \| REQ-5.1-07, REQ-5.2-03, REQ-5.2-04, REQ-5.2-05, REQ-5.4-01 \| \| \|
		\| (2)(l) \| Logging and internal monitoring of data/function access, with opt-out \| REQ-5.1-01, REQ-5.1-02, REQ-5.1-03, REQ-5.1-04, REQ-5.1-05, REQ-5.1-06, REQ-5.1-07, REQ-5.1-08 \| \| \|
		\| (2)(m) \| Allow users to permanently remove data and settings securely \| \| \| \|
		\| (2)(a) \| Be made available on the market without known exploitable vulnerabilities. \|6.1\|\|\|
		\| (2)(b) \| Be made available on the market with a secure by default configuration, unless otherwise agreed between manufacturer and business user in relation to a tailor-made product with digital elements, including the possibility to reset the product to its original state;\|5\|\|\|
		\| (2)(c) \| Ensure that vulnerabilities can be addressed through security updates, including, where applicable, through automatic security updates that are installed within an appropriate timeframe enabled as a default setting, with a clear and easy-to-use opt-out mechanism, through the notification of available updates to users, and the option to temporarily postpone them; \| 6.1\|\|\|
		\| (2)(d) \| Ensure protection from unauthorised access by appropriate control mechanisms, including but not limited to authentication, identity or access management systems, and report on possible unauthorised access; \| 5.1, 5.3, 6.2 & 6.4\|\|\|
		\| (2)(e) \| Protect the confidentiality of stored, transmitted or otherwise processed data, personal or other, such as by encrypting relevant data at rest or in transit by state of the art mechanisms, and by using other technical means;\| 5.1 5.2, 6.2 & 6.3\| \| \|
		\| (2)(f) \| Protect the integrity of stored, transmitted or otherwise processed data, personal or other, commands, programs and configuration against any manipulation or modification not authorised by the user, and report on corruptions;\| 5.1, 5.2, 5.3, 5.4, 5.7, 5.9 \| \| \|
		\| (2)(g) \| Process only data, personal or other, that are adequate, relevant and limited to what is necessary in relation to the intended purpose of the product with digital elements (data minimisation);\| 5 \| \| \|
		\| (2)(h) \| Protect the availability of essential and basic functions, also after an incident, including through resilience and mitigation measures against denial-of-service attacks;\| 5.1 5.2, 6.2 & 6.3 \| \| \|
		\| (2)(i) \| Minimise the negative impact by the products themselves or connected devices on the availability of services provided by other devices or networks; \| 5 & 6 \| \| \|
		\| (2)(j) \| Be designed, developed and produced to limit attack surfaces, including external interfaces; \| 5, 6 & Annex A \| \| \|
		\| (2)(k) \| Be designed, developed and produced to reduce the impact of an incident using appropriate exploitation mitigation
		mechanisms and techniques; \| 5, 6 & Annex A \| \| \|
		\| (2)(l) \| Lprovide security related information by recording and monitoring relevant internal activity, including the access to
		or modification of data, services or functions, with an opt-out mechanism for the user; \| 5.1 & 6.2 \| \| \|
		\| (2)(m) \| Provide the possibility for users to securely and easily remove on a permanent basis all data and settings and, where such data can be transferred to other products or systems, ensure that this is done in a secure manner.\|5.8\|\| \|

Original line number	Diff line number	Diff line
		@@ -1963,19 +1963,21 @@ b) verify the OCSP response to match the constraints of the OCSP response profil
		\| No \| Description \| Clause(s) of the present document \| U/C \| Condition \|
		\|---------\|-------------------------------------------------------------------------------------------------\|-------------------------------------------------------\|-----\|------------------------------------------------\|
		\| (1) \| Products with digital elements shall be designed, developed and produced in such a way that they ensure an appropriate level of cybersecurity based on the risks. \| Annex C \|\|\|
		\| (2)(a) \| It shall be made available on the market without known exploitable vulnerabilities. \|6.1\|\|\|
		\| (2)(b) \| be made available on the market with a secure by default configuration, unless otherwise agreed between manufacturer and business user in relation to a tailor-made product with digital elements, including the possibility to reset the product to its original state;\|5\|\|\|
		\| (2)(c) \| Vulnerabilities can be addressed via security updates, default to automatic, with opt-out and postponement \| 6.1\|\|\|
		\| (2)(d) \| Protection from unauthorised access via authentication and access control \| 5.1, 5.3, 6.2 & 6.3\|\|\|
		\| (2)(e) \| Confidentiality of data in storage or transit (e.g., encryption) \| 5.2\| \| \|
		\| (2)(f) \| Integrity of data, commands, programs, configuration; detect/report manipulation \| REQ-5.2-03, REQ-5.3-01, REQ-5.3-02, REQ-5.3-04, REQ-5.3-05, REQ-5.3-06 \| \| \|
		\| (2)(g) \| Data minimisation — only adequate and necessary data shall be processed \| REQ-5.3-01, REQ-5.3-02, REQ-5.3-03, REQ-5.3-04, REQ-5.4-01, REQ-5.4-02 \| \| \|
		\| (2)(h) \| Ensure availability of essential functions including resilience and DoS protection \| REQ-5.1-04, REQ-5.1-05, REQ-5.1-06 \| \| \|
		\| (2)(i) \| Avoid degradation of other systems’ availability (non-interference) \| \| \| \|
		\| (2)(j) \| Limit attack surfaces including external interfaces \| REQ-5.3-07, REQ-5.3-08, REQ-5.4-01, REQ-5.4-02 \| \| \|
		\| (2)(k) \| Include appropriate exploitation mitigation techniques \| REQ-5.1-07, REQ-5.2-03, REQ-5.2-04, REQ-5.2-05, REQ-5.4-01 \| \| \|
		\| (2)(l) \| Logging and internal monitoring of data/function access, with opt-out \| REQ-5.1-01, REQ-5.1-02, REQ-5.1-03, REQ-5.1-04, REQ-5.1-05, REQ-5.1-06, REQ-5.1-07, REQ-5.1-08 \| \| \|
		\| (2)(m) \| Allow users to permanently remove data and settings securely \| \| \| \|
		\| (2)(a) \| Be made available on the market without known exploitable vulnerabilities. \|6.1\|\|\|
		\| (2)(b) \| Be made available on the market with a secure by default configuration, unless otherwise agreed between manufacturer and business user in relation to a tailor-made product with digital elements, including the possibility to reset the product to its original state;\|5\|\|\|
		\| (2)(c) \| Ensure that vulnerabilities can be addressed through security updates, including, where applicable, through automatic security updates that are installed within an appropriate timeframe enabled as a default setting, with a clear and easy-to-use opt-out mechanism, through the notification of available updates to users, and the option to temporarily postpone them; \| 6.1\|\|\|
		\| (2)(d) \| Ensure protection from unauthorised access by appropriate control mechanisms, including but not limited to authentication, identity or access management systems, and report on possible unauthorised access; \| 5.1, 5.3, 6.2 & 6.4\|\|\|
		\| (2)(e) \| Protect the confidentiality of stored, transmitted or otherwise processed data, personal or other, such as by encrypting relevant data at rest or in transit by state of the art mechanisms, and by using other technical means;\| 5.1 5.2, 6.2 & 6.3\| \| \|
		\| (2)(f) \| Protect the integrity of stored, transmitted or otherwise processed data, personal or other, commands, programs and configuration against any manipulation or modification not authorised by the user, and report on corruptions;\| 5.1, 5.2, 5.3, 5.4, 5.7, 5.9 \| \| \|
		\| (2)(g) \| Process only data, personal or other, that are adequate, relevant and limited to what is necessary in relation to the intended purpose of the product with digital elements (data minimisation);\| 5 \| \| \|
		\| (2)(h) \| Protect the availability of essential and basic functions, also after an incident, including through resilience and mitigation measures against denial-of-service attacks;\| 5.1 5.2, 6.2 & 6.3 \| \| \|
		\| (2)(i) \| Minimise the negative impact by the products themselves or connected devices on the availability of services provided by other devices or networks; \| 5 & 6 \| \| \|
		\| (2)(j) \| Be designed, developed and produced to limit attack surfaces, including external interfaces; \| 5, 6 & Annex A \| \| \|
		\| (2)(k) \| Be designed, developed and produced to reduce the impact of an incident using appropriate exploitation mitigation
		mechanisms and techniques; \| 5, 6 & Annex A \| \| \|
		\| (2)(l) \| Lprovide security related information by recording and monitoring relevant internal activity, including the access to
		or modification of data, services or functions, with an opt-out mechanism for the user; \| 5.1 & 6.2 \| \| \|
		\| (2)(m) \| Provide the possibility for users to securely and easily remove on a permanent basis all data and settings and, where such data can be transferred to other products or systems, ensure that this is done in a secure manner.\|5.8\|\| \|

Admin message