> Should you need a step-by-step guide for drafting an ETSI deliverable, please consult the " [Principles for Drafting ETSI Deliverables](https://portal.etsi.org/Portals/0/TBpages/edithelp/Docs/Principles_for_drafting_ETSI_deliverables.pdf)" document. Otherwise you may contact us at [edithelp@etsi.org](mailto:edithelp@etsi.org).
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI deliverable is the one made publicly available in PDF format on [ETSI deliver](ETSI deliver) repository.
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI deliverable is the one made publicly available in PDF format on [ETSI deliver] repository.
Users should be aware that the present document may be revised or have its status changed, this information is available in the [Milestones listing](Milestones listing).
Users should be aware that the present document may be revised or have its status changed, this information is available in the [Milestones listing].
If you find errors in the present document, please send your comments to<br/>the relevant service listed under [Committee Support Staff](Committee Support Staff).
If you find errors in the present document, please send your comments to
the relevant service listed under [Committee Support Staff].
If you find a security vulnerability in the present document, please report it through our
IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The declarations pertaining to these essential IPRs, if any, are publicly available for **ETSI members and non-members** , and can be found in ETSI SR 000 314: _"Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards"_ , which is available from the ETSI Secretariat. Latest updates are available on the [ETSI IPR online database](https://ipr.etsi.org/).
IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The declarations pertaining to these essential IPRs, if any, are publicly available for **ETSI members and non-members** , and can be found in ETSI SR 000 314: _"Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards"_ , which is available from the ETSI Secretariat. Latest updates are available on the [ETSI IPR online database].
Pursuant to the ETSI Directives including the ETSI IPR Policy, no investigation regarding the essentiality of IPRs, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.
[ETSI IPR online database]:https://ipr.etsi.org/
## Trademarks
@@ -105,7 +107,6 @@ The present document may include trademarks and/or tradenames which are asserted
**DECT™** , **PLUGTESTS™** , **UMTS™** and the ETSI logo are trademarks of ETSI registered for the benefit of its Members. **3GPP™** , **LTE™** and **5G ™** logo are trademarks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. **oneM2M™** logo is a trademark of ETSI registered for the benefit of its Members and of the oneM2M Partners. **GSM**® and the GSM logo are trademarks registered and owned by the GSM Association.
# Foreword
> DRAFT FOREWORD - DO NOT CONSIDER THE CONTENT
@@ -133,13 +134,14 @@ The Technical Body may propose different dates to the default ones (3, 6, 18). T
The Technical Body should advise the ETSI Secretariat if the above default national transposition dates are inappropriate for the particular standard.
# Modal verbs terminology
In the present document "**shall** ", "**shall not** ", "**should** ", "**should not** ", "**may** ", "**need not** ", "**will** ", "**will not** ", "**can** " and "**cannot** are to be interpreted as described in clause 3.2 of the [ETSI Drafting Rules](https://portal.etsi.org/Services/editHelp/How-to-start/ETSI-Drafting-Rules)(Verbal forms for the expression of provisions).
In the present document "**shall** ", "**shall not** ", "**should** ", "**should not** ", "**may** ", "**need not** ", "**will** ", "**will not** ", "**can** " and "**cannot** are to be interpreted as described in clause 3.2 of the [ETSI Drafting Rules] (Verbal forms for the expression of provisions).
"**must** " and "**must not** " are **NOT** allowed in ETSI deliverables except when used in direct citation.
@@ -152,11 +154,11 @@ This standard does not apply to products that contain network interfaces or are
# 1 Scope
# 1.1 General
## 1.1 General
The present document describes how to demonstrate compliance with requirements in the EU Regulation 2024/2847 under the conditions identified in Annex <L> of physical and virtual network interfaces within the context described in section 4, Product Context.
# 1.2 Products in scope
## 1.2 Products in scope
Products in scope include products whose core purpose is to serve as a virtual or physical network interface intended to enable the connection of a computing device to a network. A network interface provides connectivity via a device driver API operating at the data link layer.
@@ -174,7 +176,7 @@ For the purposes of this standard, network interfaces will be split up into the
* Wireless network interfaces
* Virtual network interfaces
# 1.3 Products not in scope
## 1.3 Products not in scope
Products not in scope include:
@@ -190,7 +192,7 @@ This standard does not cover products in use in contexts other than those identi
## 2.1 Normative references
> **In Harmonised Standards these references shall be specific** (identified by date of publication and/or edition number or version number) **publicly available and in English, except in exceptional circumstances making sure that impacts have been evaluated and explanations have been given on how any negative implications should be avoided** . See clauses 2.10.1 and 8.4 of the [EDRs](EDRs) and the communiqué on "[References in ETSI Deliverables](https://portal.etsi.org/Portals/0/TBpages/edithelp/Docs/News_from_editHelp/References_in_ETSI_deliverables.pdf)".
> **In Harmonised Standards these references shall be specific** (identified by date of publication and/or edition number or version number) **publicly available and in English, except in exceptional circumstances making sure that impacts have been evaluated and explanations have been given on how any negative implications should be avoided** . See clauses 2.10.1 and 8.4 of the [EDRs] and the communiqué on "[References in ETSI Deliverables][References]".
>
> Guidance for selecting normative references in harmonised standards is given in clause 2.8.3 of the Vademecum on European standardisation. Please **systematically consult with your Technical Officer** for the latest guidance on normative references other than to ENs, ISO/IEC standards, notably to prevent the risk of non-acceptance.
>
@@ -200,7 +202,7 @@ This standard does not cover products in use in contexts other than those identi
>
> References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies.
>
> Referenced documents which are not found to be publicly available in the expected location might be found in the [ETSI docbox](https://docbox.etsi.org/Reference/).
> Referenced documents which are not found to be publicly available in the expected location might be found in the [ETSI docbox].
> NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long-term validity.
@@ -208,6 +210,8 @@ The following referenced documents are necessary for the application of the pres
@@ -217,10 +221,11 @@ References are either specific (identified by date of publication and/or edition
The following referenced documents may be useful in implementing an ETSI deliverable or add to the reader's understanding but are not required for conformance to the present document.
*<aname="_ref_i.1">[i.1]</a> Regulation (EU) 2024/2847 of the European Parliament and of the Council of 23 October 2024 on horizontal cybersecurity requirements for products with digital elements and amending Regulations (EU) No 168/2013 and (EU) 2019/1020 and Directive (EU) 2020/1828 (Cyber Resilience Act)
-<aname="_ref_i.1">[i.1]</a> "Cyber Resilience Act" EU 2024/2847
# 3 Definition of terms, symbols and abbreviations
@@ -230,7 +235,6 @@ This section provides terms and definitions based on CEN/CLC JTC13 WG09's work o
For the purposes of the present document, the [following] terms [given in ... and the following] apply:
FIXME add terms
## 3.2 Abbreviations
@@ -632,7 +636,6 @@ Problems with protocols working as designed are not in scope.
Problems with the implementation of the protocols by the interface are in scope.
# Annex A (informative): Mapping between the present document and CRA requirements
> Table mapping technical security requirements from Section 5 of the present document to essential cybersecurity requirements in Annex I of the CRA. The purpose of this is to help identify missing technical security requirements.
> List assumptions that are relevant to the risk analysis for these threats. Everything is hackable if you try hard enough. What kinds of threats are in and out of scope? What are you assuming is the sophistication of attack? Relate to use cases.
@@ -790,7 +792,6 @@ The annex shall have a table for a clear indication of correspondence between no
**It should be evaluated - on the basis of the legal requirements supported and other information given in a harmonised standard - how detailed correspondence can be indicated between the normative elements of the harmonised standard and the legal requirements aimed to be covered. However, where this correspondence is expressed in too general terms, it could lead to a situation where the Commission cannot assess whether the Harmonised Standard satisfies the requirements, which it aims to cover, and subsequently publication of its references in the OJEU according to Article 10(6) of the Regulation is significantly delayed or is not possible at all.**
> **EXAMPLE for a table:**
**Table A.1: Relationship between the present document and<br />the requirements of EU Regulation 2024/2847**<aname="table_A.1"></a>
@@ -831,7 +832,7 @@ Harmonised Standard ETSI EN 304 6xx
The annex shall have at least the following two warnings.
A warning stating that presumption of conformity is effective only as long as the reference is maintained in the OJEU by the Commission. The following URL-address [https://ec.europa.eu/growth/single-market/european-standards/harmonised-standards_en](https://ec.europa.eu/growth/single-market/european-standards/harmonised-standards_en) to consult the latest list of Harmonised Standards published in the OJEU should be provided.
A warning stating that presumption of conformity is effective only as long as the reference is maintained in the OJEU by the Commission. The following URL-address <https://ec.europa.eu/growth/single-market/european-standards/harmonised-standards_en> to consult the latest list of Harmonised Standards published in the OJEU should be provided.
Presumption of conformity stays valid only as long as a reference to the present document is maintained in the list published in the Official Journal of the European Union. Users of the present document should consult frequently the latest list published in the Official Journal of the European Union.
