Commit c8e44731 authored by Sammy Haddad's avatar Sammy Haddad
Browse files

Update file EN-304-624.md

parent b0c13174

EN-304-624.md

+36 −21
Original line number Diff line number Diff line
@@ -1957,27 +1957,42 @@ b) verify the OCSP response to match the constraints of the OCSP response profil 
|(7)|	Secure update delivery mechanisms				

|(8)|	Updates shall be timely, free of charge, and include user guidance





|No |Description	| Requirements of Regulation |Clause(s) of the present document	|U/C	|Condition

|---|---|---|---|---|

|(1) | Design, development, and production must ensure appropriate cybersecurity based on risks

|(2)(a)| No known exploitable vulnerabilities at market release

|(2)(b) | Secure-by-default configuration

|(2)(c) | Vulnerabilities can be addressed via security updates, default to automatic, with opt-out and postponement ||

|(2)(d)| Protection from unauthorised access via authentication and access control

(2)(e)|	Confidentiality of data in storage or transit (e.g., encryption) ||REQ-5.2-01, REQ-5.2-02|

|(2)(f) |Integrity of data, commands, programs, configuration; detect/report manipulation | REQ-5.2-03, REQ-5.3-01, REQ-5.3-02, REQ-5.3-04, REQ-5.3-05, REQ-5.3-06

|(2)(g)|Data minimisation — only adequate and necessary data shall be processed | REQ-5.3-01, REQ-5.3-02, REQ-5.3-03, REQ-5.3-04, REQ-5.4-01, REQ-5.4-02

|(2)(h)| Ensure availability of essential functions including resilience and DoS protection	| REQ-5.1-04, REQ-5.1-05, REQ-5.1-06	

|(2)(i) |Avoid degradation of other systems’ availability (non-interference)	|||			

|(2)(j) |Limit attack surfaces including external interfaces |  	REQ-5.3-07, REQ-5.3-08, REQ-5.4-01, REQ-5.4-02|||



|(2)(k)| Include appropriate exploitation mitigation techniques	| REQ-5.1-07, REQ-5.2-03, REQ-5.2-04, REQ-5.2-05, REQ-5.4-01|||



|(2)(l) |Logging and internal monitoring of data/function access, with opt-out	| 	REQ-5.1-01, REQ-5.1-02, REQ-5.1-03, REQ-5.1-04, REQ-5.1-05, REQ-5.1-06, REQ-5.1-07, REQ-5.1-08|||

			

|(2)(m) |Allow users to permanently remove data and settings securely | ||||



No | Description | Clause(s) of the present document | U/C | Condition

(1)

Design, development, and production must ensure appropriate cybersecurity based on risks

(2)(a)

No known exploitable vulnerabilities at market release

(2)(b)

Secure-by-default configuration

(2)(c)

Vulnerabilities can be addressed via security updates, default to automatic, with opt-out and postponement

(2)(d)

Protection from unauthorised access via authentication and access control

(2)(e)

Confidentiality of data in storage or transit (e.g., encryption)

Clause(s): REQ-5.2-01, REQ-5.2-02

(2)(f)

Integrity of data, commands, programs, configuration; detect/report manipulation

Clause(s): REQ-5.2-03, REQ-5.3-01, REQ-5.3-02, REQ-5.3-04, REQ-5.3-05, REQ-5.3-06

(2)(g)

Data minimisation — only adequate and necessary data shall be processed

Clause(s): REQ-5.3-01, REQ-5.3-02, REQ-5.3-03, REQ-5.3-04, REQ-5.4-01, REQ-5.4-02

(2)(h)

Ensure availability of essential functions including resilience and DoS protection

Clause(s): REQ-5.1-04, REQ-5.1-05, REQ-5.1-06

(2)(i)

Avoid degradation of other systems’ availability (non-interference)

(2)(j)

Limit attack surfaces including external interfaces

Clause(s): REQ-5.3-07, REQ-5.3-08, REQ-5.4-01, REQ-5.4-02

(2)(k)

Include appropriate exploitation mitigation techniques

Clause(s): REQ-5.1-07, REQ-5.2-03, REQ-5.2-04, REQ-5.2-05, REQ-5.4-01

(2)(l)

Logging and internal monitoring of data/function access, with opt-out

Clause(s): REQ-5.1-01, REQ-5.1-02, REQ-5.1-03, REQ-5.1-04, REQ-5.1-05, REQ-5.1-06, REQ-5.1-07, REQ-5.1-08

(2)(m)

Allow users to permanently remove data and settings securely





Key to columns: