Use new threat assessment on DOS via network or host (47ea1033) · Commits · STAN4CRA / EN 304 625 Network Interfaces

EN-304-625.md

+29 −13

Original line number	Diff line number	Diff line
		@@ -1922,21 +1922,37 @@ Mitigations for Impact:

		* High to Low: NTFY, WDOG

		[TH-FDOS]: Attacker may use host system or network access for a denial-of-service attack on product functions.
		#### C.4.3.7 TH-PDOS: Denial of service attack on product functions via system or network access

		\| Risk factors \| Likelihood \|
		\|--------------------------------\|------------\|
		\| (SFT > 1 or NET > 1) & COM > 1 \| High \|
		\| (SFT = 1 or NET = 1) & COM > 1 \| Medium \|
		\| (SFT < 1 & NET < 1) or COM = 0 \| Low \|
		Attacker may use host system or network access for a denial-of-service attack on product functions.

		\| Risk factors \| Impact \|
		\|--------------\|--------\|
		\| FUN = 2 \| High \|
		\| FUN = 1 \| Medium \|
		\| FUN = 0 \| Low \|
		\| Risk factors \| Likelihood \| \|
		\|-------------------\|------------\|------------------------------------\|
		\| max(SFT, NET) = 0 \| Low \| WD-1 \|
		\| all others \| Medium \| WL-1, VI-1 \|
		\| max(SFT, NET) = 2 \| High \| WD-2, WD-3, WD-4, WL-2, WL-3, VI-2 \|

		\| Risk factors \| Impact \| Security profiles \|
		\|--------------\|--------\|-------------------------\|
		\| FUN = 0 \| Low \| none \|
		\| FUN = 1 \| Medium \| WD-1, WD-3, WL-\*, VI-1 \|
		\| FUN = 2 \| High \| WD-2, WD-4, VI-2 \|

		Requirements that mitigate this threat: AUTH, AVAI, LMII, LOGG

		FIXME: Need to add mitigations for fast packet drop, limiting memory allocations until authenticated, rate-limiting by source, round-robin queues, etc.

		Mitigations for Likelihood:

		* Medium to Low: TBD - has to be outsourced to environment?

		* High to Low: TBD - has to be outsourced to environment?

		Mitigations for Impact:

		* Medium to Low: (NTFY or WDOG), LOGG, TBD - see FIXME above

		Requirements: AVAI, LMII, LMAS, LOGG
		* High to Low: NTFY, WDOG, LOGG, TBD - see FIXME above

		[TH-DDOS]: Attacker may exploit vulnerabilities in the product to attack other products.

		@@ -2103,7 +2119,7 @@ This clause describes the metholodogy followed in the current text.
		\| CONF \| SDEF \|
		\| UADT \| CDTX, DMIN, LMAS \|
		\| AVAI \| AVAI, LMII, LMAS, LOGG, VULH \|
		\| FDOS \| AVAI, LMII, LMAS, LOGG \|
		\| PDOS \| AVAI, LMII, LMAS, LOGG \|
		\| DDOS \| AVAI, LMII, LMAS, LOGG, VULH \|
		\| MQSE \| CDTX, IDTX, SCUD, LOGG \|
		\| AHHS \| NKEV, SCUD, SSDD, LMII, LMAS, LOGG, SDEF \|

Original line number	Diff line number	Diff line
		@@ -1922,21 +1922,37 @@ Mitigations for Impact:

		* High to Low: NTFY, WDOG

		[TH-FDOS]: Attacker may use host system or network access for a denial-of-service attack on product functions.
		#### C.4.3.7 TH-PDOS: Denial of service attack on product functions via system or network access

		\| Risk factors \| Likelihood \|
		\|--------------------------------\|------------\|
		\| (SFT > 1 or NET > 1) & COM > 1 \| High \|
		\| (SFT = 1 or NET = 1) & COM > 1 \| Medium \|
		\| (SFT < 1 & NET < 1) or COM = 0 \| Low \|
		Attacker may use host system or network access for a denial-of-service attack on product functions.

		\| Risk factors \| Impact \|
		\|--------------\|--------\|
		\| FUN = 2 \| High \|
		\| FUN = 1 \| Medium \|
		\| FUN = 0 \| Low \|
		\| Risk factors \| Likelihood \| \|
		\|-------------------\|------------\|------------------------------------\|
		\| max(SFT, NET) = 0 \| Low \| WD-1 \|
		\| all others \| Medium \| WL-1, VI-1 \|
		\| max(SFT, NET) = 2 \| High \| WD-2, WD-3, WD-4, WL-2, WL-3, VI-2 \|

		\| Risk factors \| Impact \| Security profiles \|
		\|--------------\|--------\|-------------------------\|
		\| FUN = 0 \| Low \| none \|
		\| FUN = 1 \| Medium \| WD-1, WD-3, WL-\*, VI-1 \|
		\| FUN = 2 \| High \| WD-2, WD-4, VI-2 \|

		Requirements that mitigate this threat: AUTH, AVAI, LMII, LOGG

		FIXME: Need to add mitigations for fast packet drop, limiting memory allocations until authenticated, rate-limiting by source, round-robin queues, etc.

		Mitigations for Likelihood:

		* Medium to Low: TBD - has to be outsourced to environment?

		* High to Low: TBD - has to be outsourced to environment?

		Mitigations for Impact:

		* Medium to Low: (NTFY or WDOG), LOGG, TBD - see FIXME above

		Requirements: AVAI, LMII, LMAS, LOGG
		* High to Low: NTFY, WDOG, LOGG, TBD - see FIXME above

		[TH-DDOS]: Attacker may exploit vulnerabilities in the product to attack other products.

		@@ -2103,7 +2119,7 @@ This clause describes the metholodogy followed in the current text.
		\| CONF \| SDEF \|
		\| UADT \| CDTX, DMIN, LMAS \|
		\| AVAI \| AVAI, LMII, LMAS, LOGG, VULH \|
		\| FDOS \| AVAI, LMII, LMAS, LOGG \|
		\| PDOS \| AVAI, LMII, LMAS, LOGG \|
		\| DDOS \| AVAI, LMII, LMAS, LOGG, VULH \|
		\| MQSE \| CDTX, IDTX, SCUD, LOGG \|
		\| AHHS \| NKEV, SCUD, SSDD, LMII, LMAS, LOGG, SDEF \|