Loading EN-304-625.md +15 −4 Original line number Diff line number Diff line Loading @@ -1929,7 +1929,7 @@ Requirements: AVAI, MSAF, LMAS, LOGG | FUN = 1 | Medium | | FUN = 0 | Low | Requirements: AVAI, LMAS, LOGG Requirements: AVAI, MSAF, LMAS, LOGG **[TH-DDOS]:** Attacker may exploit vulnerabilities in the product to attack other products. Loading @@ -1945,7 +1945,7 @@ Requirements: AVAI, LMAS, LOGG | DOS = 1 | Medium | | DOS = 0 | Low | Requirements: AVAI, LMAS, LOGG Requirements: AVAI, MSAF, LMAS, LOGG **[TH-MQSE]:** Attacker may masquerade as an authorized server to get unauthorized access to product assets. Loading Loading @@ -2055,11 +2055,22 @@ Security profiles are associated with sets of risk factor levels. ## D.1 Mapping of risks to requirements > Table mapping the identified risks to requirements | Threat | Requirements | |--------|------------------------------------| | KEVU | NKEV, SCUD, SSDD, MSAF, LMAS, LOGG | | UEVU | SSDD, MSAF, DMIN, LMAS, LOGG | | PHYS | SDEL | | CONF | SDEF | | UADT | CDTX, DMIN, LMAS | | AVAI | AVAI, MSAF, LMAS, LOGG | | FDOS | AVAI, MSAF, LMAS, LOGG, | | DDOS | AVAI, MSAF, LMAS, LOGG | | MQSE | CDTX, IDTX, SCUD, LOGG | | AHHS | NKEV, SCUD, SSDD, MSAF, LMAS, LOGG | ## D.2 Risks not treated by the requirements > If any risks are not treated by the normative requirements, describe non-normative suggestions to mitigate them. No risks are untreated by the requirements. ## D.3 Risk acceptance criteria Loading Loading
EN-304-625.md +15 −4 Original line number Diff line number Diff line Loading @@ -1929,7 +1929,7 @@ Requirements: AVAI, MSAF, LMAS, LOGG | FUN = 1 | Medium | | FUN = 0 | Low | Requirements: AVAI, LMAS, LOGG Requirements: AVAI, MSAF, LMAS, LOGG **[TH-DDOS]:** Attacker may exploit vulnerabilities in the product to attack other products. Loading @@ -1945,7 +1945,7 @@ Requirements: AVAI, LMAS, LOGG | DOS = 1 | Medium | | DOS = 0 | Low | Requirements: AVAI, LMAS, LOGG Requirements: AVAI, MSAF, LMAS, LOGG **[TH-MQSE]:** Attacker may masquerade as an authorized server to get unauthorized access to product assets. Loading Loading @@ -2055,11 +2055,22 @@ Security profiles are associated with sets of risk factor levels. ## D.1 Mapping of risks to requirements > Table mapping the identified risks to requirements | Threat | Requirements | |--------|------------------------------------| | KEVU | NKEV, SCUD, SSDD, MSAF, LMAS, LOGG | | UEVU | SSDD, MSAF, DMIN, LMAS, LOGG | | PHYS | SDEL | | CONF | SDEF | | UADT | CDTX, DMIN, LMAS | | AVAI | AVAI, MSAF, LMAS, LOGG | | FDOS | AVAI, MSAF, LMAS, LOGG, | | DDOS | AVAI, MSAF, LMAS, LOGG | | MQSE | CDTX, IDTX, SCUD, LOGG | | AHHS | NKEV, SCUD, SSDD, MSAF, LMAS, LOGG | ## D.2 Risks not treated by the requirements > If any risks are not treated by the normative requirements, describe non-normative suggestions to mitigate them. No risks are untreated by the requirements. ## D.3 Risk acceptance criteria Loading
