Commit 46dc95ee authored by Valerie Aurora's avatar Valerie Aurora
Browse files

Add LIS risk factor

parent 3d1c583c

EN-304-625.md

+40 −28
Original line number Diff line number Diff line
@@ -502,7 +502,7 @@ _The following use cases are provided to assist manufacturers in selecting risk 
  * E.g. Data center for internal job processing, smart meter in an isolated private network

  * Behind a firewall/gateway, no direct route to internet

  * Users are administrators and approved (predefined, fixed) applications

  * Network interface implements performance optimizations

  * Interface implements radio control and encryption

  * Professional administration



* UC-WL-2 Wireless stationary home IoT device
@@ -1701,6 +1701,18 @@ Type: Affects likelihood of all attacks. 
  * **[COM-L-2]** Product implements encryption functions on interface

  * **[COM-L-3]** Product implements RTOS managing radio, PXE boot, remote management, or similar



**[LIS]** Ease of reading from transmission media of directly attached network by unauthorized agents



Description: Likelihood that unauthorized agents can read data from the transmission media on the directly attached network. For example, a wireless network in an apartment that is accessible from the shared hallway or another apartnement, or a wired network with exposed jacks in a public library.



Rationale: While confidentiality of data transmitted across public networks is usually handled by the system the network interface is integrated into, the network interface is usually responsible for confidentiality on the local directly attached network.



Type: Affects likelihood of attack.



  * **[LIS-L-0]** Foreseeable use is only authorized agents with access to directly attached network

  * **[LIS-L-1]** Foreseeable use includes occasional access by unauthorized agents to directly attached network

  * **[LIS-L-2]** Foreseeable use includes frequent access by unauthorized agents to directly attached network



**[ADM]** Availability and skill of administration



Description: What the availability and skill of administration is for the product.
@@ -1787,39 +1799,39 @@ Type: Affects impact of attack. 


#### C.5.2.1 Wired network interface use cases



| Use case | LOC | NET | COM | ADM | SYS | SDS | SDT | FUN | INT | Sec Pro |

|----------|-----|-----|-----|-----|-----|-----|-----|-----|-----|---------|

| UC-WD-1  | 0   | 0   | 1   | 0   | 1   | 1   | 1   | 2   | 1   | SP-WD-1 |

| UC-WD-2  | 0   | 1   | 2   | 0   | 1   | 1   | 1   | 2   | 1   | SP-WD-1 |

| UC-WD-3  | 0   | 2   | 2   | 0   | 1   | 1   | 1   | 2   | 1   | SP-WD-1 |

| UC-WD-4  | 0   | 2   | 1   | 1   | 1   | 0   | 0   | 1   | 2   | SP-WD-2 |

| UC-WD-5  | 0   | 2   | 1   | 1   | 1   | 1   | 1   | 2   | 1   | SP-WD-2 |

| UC-WD-6  | 1   | 1   | 2   | 0   | 1   | 1   | 1   | 1   | 1   | SP-WD-3 |

| UC-WD-7  | 2   | 1   | 1   | 1   | 1   | 0   | 1   | 1   | 1   | SP-WD-3 |

| UC-WD-8  | 2   | 2   | 1   | 1   | 1   | 1   | 1   | 1   | 1   | SP-WD-3 |

| UC-WD-9  | 3   | 2   | 1   | 0   | 1   | 1   | 1   | 1   | 1   | SP-WD-4 |

| UC-WD-10 | 3   | 2   | 1   | 1   | 1   | 0   | 0   | 0   | 1   | SP-WD-4 |

| Use case | LOC | NET | COM | ADM | LIS | SYS | SDS | SDT | FUN | INT | Sec Pro |

|----------|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|---------|

| UC-WD-1  | 0   | 0   | 1   | 0   |   0 | 1   | 1   | 1   | 2   | 1   | SP-WD-1 |

| UC-WD-2  | 0   | 1   | 2   | 0   |   0 | 1   | 1   | 1   | 2   | 1   | SP-WD-1 |

| UC-WD-3  | 0   | 2   | 2   | 0   |   2 | 1   | 1   | 1   | 2   | 1   | SP-WD-1 |

| UC-WD-4  | 0   | 2   | 1   | 1   |   0 | 1   | 0   | 0   | 1   | 2   | SP-WD-2 |

| UC-WD-5  | 0   | 2   | 1   | 1   |   2 | 1   | 1   | 1   | 2   | 1   | SP-WD-2 |

| UC-WD-6  | 1   | 1   | 2   | 0   |   1 | 1   | 1   | 1   | 1   | 1   | SP-WD-3 |

| UC-WD-7  | 2   | 1   | 1   | 1   |   0 | 1   | 0   | 1   | 1   | 1   | SP-WD-3 |

| UC-WD-8  | 2   | 2   | 1   | 1   |   2 | 1   | 1   | 1   | 1   | 1   | SP-WD-3 |

| UC-WD-9  | 3   | 2   | 1   | 0   |   2 | 1   | 1   | 1   | 1   | 1   | SP-WD-4 |

| UC-WD-10 | 3   | 2   | 1   | 1   |   2 | 1   | 0   | 0   | 0   | 1   | SP-WD-4 |



#### C.5.2.2 Wireless network interface use cases



| Use case | LOC | NET | COM | ADM | SYS | SDS | SDT | FUN | INT | Sec Pro |

|----------|-----|-----|-----|-----|-----|-----|-----|-----|-----|---------|

| UC-WL-1  | 0   | 0   | 3   | 0   | 1   | 1   | 1   | 1   | 1   | SP-WL-1 |

| UC-WL-2  | 0   | 1   | 3   | 1   | 1   | 0   | 0   | 1   | 2   | SP-WL-1 |

| UC-WL-3  | 0   | 2   | 3   | 1   | 1   | 1   | 1   | 1   | 1   | SP-WL-1 |

| UC-WL-4  | 1   | 2   | 3   | 0   | 1   | 1   | 1   | 1   | 1   | SP-WL-1 |

| UC-WL-5  | 1   | 1   | 3   | 1   | 1   | 1   | 1   | 1   | 1   | SP-WL-2 |

| UC-WL-6  | 2   | 2   | 3   | 1   | 1   | 1   | 1   | 1   | 1   | SP-WL-2 |

| UC-WL-7  | 3   | 2   | 3   | 1   | 1   | 0   | 0   | 0   | 1   | SP-WL-2 |

| Use case | LOC | NET | COM | ADM | LIS |SYS | SDS | SDT | FUN | INT | Sec Pro |

|----------|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|---------|

| UC-WL-1  |   0 |   0 |   3 |   0 |   0 |   1 |   1 |   1 |   1 |   1 | SP-WL-1 |

| UC-WL-2  |   0 |   1 |   3 |   1 |   1 |   1 |   0 |   0 |   1 |   2 | SP-WL-1 |

| UC-WL-3  |   0 |   2 |   3 |   1 |   2 |   1 |   1 |   1 |   1 |   1 | SP-WL-1 |

| UC-WL-4  |   1 |   2 |   3 |   0 |   2 |   1 |   1 |   1 |   1 |   1 | SP-WL-1 |

| UC-WL-5  |   1 |   1 |   3 |   1 |   1 |   1 |   1 |   1 |   1 |   1 | SP-WL-2 |

| UC-WL-6  |   2 |   2 |   3 |   1 |   2 |   1 |   1 |   1 |   1 |   1 | SP-WL-2 |

| UC-WL-7  |   3 |   2 |   3 |   1 |   2 |   1 |   0 |   0 |   0 |   1 | SP-WL-2 |



#### C.5.2.3 Virtual network interface use cases



| Use case | LOC | NET | COM | ADM | SYS | SDS | SDT | FUN | INT | Sec Pro |

|----------|-----|-----|-----|-----|-----|-----|-----|-----|-----|---------|

| UC-VI-1  |   2 |   0 |   0 |   1 |   1 |   1 |   1 |   1 |   0 | SP-VI-1 |

| UC-VI-2  |   2 |   2 |   2 |   1 |   1 |   1 |   1 |   1 |   0 | SP-VI-2 |

| UC-VI-3  |   1 |   1 |   2 |   0 |   1 |   2 |   2 |   2 |   0 | SP-VI-2 |

| UC-VI-4  |   3 |   2 |   2 |   0 |   1 |   2 |   2 |   2 |   0 | SP-VI-2 |

| Use case | LOC | NET | COM | ADM | LIS | SYS | SDS | SDT | FUN | INT | Sec Pro |

|----------|-----|-----|-----|-----|-----|-----|-----|-----|-----|-----|---------|

| UC-VI-1  |   2 |   0 |   0 |   1 |   0 |   1 |   1 |   1 |   1 |   0 | SP-VI-1 |

| UC-VI-2  |   2 |   2 |   2 |   1 |   0 |   1 |   1 |   1 |   1 |   0 | SP-VI-2 |

| UC-VI-3  |   1 |   1 |   2 |   0 |   0 |   1 |   2 |   2 |   2 |   0 | SP-VI-2 |

| UC-VI-4  |   3 |   2 |   2 |   0 |   0 |   1 |   2 |   2 |   2 |   0 | SP-VI-2 |



## C.6 Security profiles