Commit 14facb64 authored by Valerie Aurora's avatar Valerie Aurora

Update secure deletion to sync with OS

parent a966fe8a
+47 −3
@@ -1115,11 +1115,13 @@ All exposed interfaces on the product in any state that is part of its reasonabl

### 5.2.X **TR-SCDL**: Secure deletion

#### 5.2.X.x Requirement

The product shall provide a method of deleting all data and settings and resetting the product to its secure-by-default configuration.

FIXME break this down into pieces, for types of data, for commands, for physical interfaces, for device drivers and virtual interfaces.
Guidance: Overwriting all storage or encrypting all data and deleting the key are two secure deletion mechanisms.

#### 5.2.X.x **MI-RSET**:
#### 5.2.X.x **MI-RSET**: Secure deletion via reset

The product shall reset to its secure-by-default state after a power cycle or reset command.

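Review bot: MI-RSET as worded ("The product shall reset to its secure-by-default state after a power cycle or reset command") turns an ordinary power cycle into a secure-deletion event, so any product that is expected to keep user settings across a reboot cannot satisfy it; suggest restricting the trigger to an explicit reset command, e.g. "after a reset command intended to restore the secure-by-default state", and handling power-cycle behaviour in a separate requirement if it is wanted. The FIXME about breaking TR-SCDL down by type of data, command, physical interface and driver is also still sitting in the normative text directly above the Guidance line; resolve it or move it out of the spec body before merging.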
@@ -1129,12 +1131,54 @@ The product shall reset to its secure-by-default state after a power cycle or re

  * Preparation: Document every kind of data or setting that may be stored on the product, how to store it on the product, and how to read it from the product

  * Activities: For each kind of user data or setting that may be stored on the product, write an instance of the data or setting stored on the product that is different from the default, read it from the product, power cycle or reset the product, and read the data again
  * Activities: For each kind of user data or setting that may be stored on the product, write an instance of the data or setting stored on the product that is different from the default and read it from the product; once all kinds of data have been written and read, power cycle or reset the product, and read each kind of data again

  * Verdict: If any data or setting is the same for both of the reads => FAIL, otherwise => PASS

  * Evidence: Record of each type of data or setting, what data or setting was written, what data or setting was returned by the first read, and what data or setting was returned by the second read, comparison of each one

#### 5.2.X.x **MI-INST**: Secure deletion via reinstallation

The product shall reset to its secure-by-default state after a reinstallation that securely deletes all previous user data or settings.

  * Reference: TR-SCDL

  * Objective: Secure deletion

  * Preparation: Document every kind of data or setting that may be stored on the product, how to store it on the product, and how to read it from the product

  * Activities: For each kind of user data or setting that may be stored on the product, write an instance of the data or setting stored on the product that is different from the default and read it from the product; once all kinds of data have been written and read, reinstall the product with the secure delete option, and read the data or settings again

  * Verdict: If any data or setting is the same for both of the reads => FAIL, otherwise => PASS

  * Evidence: Record of each type of data or setting, what data or setting was written, what data or setting was returned by the first read, and what data or setting was returned by the second read, comparison of each one

#### 5.2.X.x **MI-DELE**: Secure deletion via secure deletion function

The product shall reset to its secure-by-default state after the secure deletion function is used.

  * Reference: TR-SCDL

  * Objective: Secure deletion

  * Preparation: Document every kind of data or setting that may be stored on the product, how to store it on the product, and how to read it from the product

  * Activities: For each kind of user data or setting that may be stored on the product, write an instance of the data or setting stored on the product that is different from the default and read it from the product; once all kinds of data have been written and read, activate the secure deletion function, and read the data or settings again

  * Verdict: If any data or setting is the same for both of the reads => FAIL, otherwise => PASS

  * Evidence: Record of each type of data or setting, what data or setting was written, what data or setting was returned by the first read, and what data or setting was returned by the second read, comparison of each one

#### 5.2.X.x Mapping of mitigations to risk factors and security profiles

| Risk factors | Requires mitigations |
|--------------|----------------------|
| any          | RSET or INST or DELE |

| Security Profile | Requires mitigations |
|------------------|----------------------|
| all              | RSET or INST or DELE |

### 5.2.X **TR-SDTR**: Secure data transfer

The product shall provide a method to securely transfer all data and settings from the product to other products or systems.
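Review bot: the Verdict shared by MI-RSET, MI-INST and MI-DELE fails only when the two reads match ("If any data or setting is the same for both of the reads => FAIL"), so a product that leaves a garbage or partially overwritten value behind passes even though each requirement demands the secure-by-default state; suggest comparing the second read against the documented default instead, e.g. "If any data or setting read after the reset differs from its documented secure-by-default value => FAIL", and adding that default value to the Preparation step next to how to store and read each kind of data. Both reads also go through the product's own read interface, which cannot tell overwrite or crypto-erase (the two mechanisms the TR-SCDL guidance names) apart from a logical delete that leaves the bytes on storage; an Evidence item recording which mechanism the product uses would close that gap. Lastly, the mapping tables require "RSET or INST or DELE" for every risk factor and profile, while MI-INST presupposes a reinstallation with a "secure delete option"; a sentence on how a product without a reinstall path is assessed would help the tester.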