Commit 986519cd authored by Valerie Aurora

Add TR-MINI, minimize impact on other devices and services

parent 04489f5e
+53 −18
@@ -793,7 +793,7 @@ See Section 5.3 for which mitigations are necessary for which security profiles

#### 5.2.X.x Requirement

The product shall implement appropriate mitigations to limit incident impact
The product shall implement appropriate mitigations to limit incident impact.

#### 5.2.X.x Default Preparation, Verdict, and Evidence for memory safety mitigations

@@ -855,6 +855,41 @@ The product shall zero-initialize all heap memory before use.

See Section 5.3 for which mitigations are necessary for which security profiles and Annex C.4 for the rationale.

### 5.2.X **TR-MINI**: Minimize impact on other devices and services

#### 5.2.X.x Requirement

The product shall implement appropriate mitigations to minimize impact on other devices and services.

#### 5.2.X.x **MI-MDOC**: Document transfer of risk of minimizing impact to operating environment

The product shall be accompanied by documentation informing the user of the transfer of risk for minimizing impact on other devices and services.

  * Reference: TR-MINI
  * Objective: Minimize impact on other devices and services
  * Activities: Examine the documentation
  * Verdict: Transfer of risk documented in a manner appropriate to the user => PASS, otherwise FAIL
  * Evidence: Documentation, analysis of documentation

#### 5.2.X.x Mapping of mitigations to risk factors and security profiles

See Section 5.3 for which mitigations are necessary for which security profiles and Annex C.4 for the rationale.

#### 5.2.X.x **MI-MPHY**: Prevent denial of service at physical layer

The product shall implement methods of detecting and mitigating denial of service attacks on other devices resulting from exploitation of vulnerabilities on the product via network or host system access.

  * Reference: TR-MINI
  * Objective: Minimize impact on other devices and services
  * Preparation: List known attack methods that generate output on the transmission medium originating in the product itself that negatively impact other devices and services
  * Activities: Use a tool to simulate these attacks and observe whether the product notifies the host or mitigates the negative impact itself
  * Verdict: Product notifies host or mitigates the negative impact itself  => PASS, otherwise FAIL
  * Evidence: List of attack methods, list of negative behaviors tested, log messages of product behavior, log on host system

#### 5.2.X.x Mapping of mitigations to risk factors and security profiles

See Section 5.3 for which mitigations are necessary for which security profiles and Annex C.4 for the rationale.

### 5.2.X **TR-SDEF**: Secure by default configuration

#### 5.2.X.x Requirement
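
Review bot: The "Mapping of mitigations to risk factors and security profiles" subsection appears twice inside the new TR-MINI clause, once after MI-MDOC and again after MI-MPHY; drop the first copy so the mapping closes the clause once, after both mitigations. In MI-MPHY the title says "Prevent denial of service at physical layer", but the requirement text says "detecting and mitigating" and the verdict passes when the product only notifies the host, so either retitle the mitigation or tighten the verdict. MI-MDOC also has no Preparation item while MI-MPHY does, and the MI-MPHY verdict line has a double space before "=> PASS".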
@@ -1433,25 +1468,25 @@ This clause lists all the mitigations necessary to meet requirements for each se

SP-WD-1: SCFS, SUDC, (SUVP or SUAP or SUOE or SUAO), DJST, (NTFY or WDOG), DOST, LOGG

SP-WD-2: (KEVD or KEVA or KEVT or SCAN), SCFS, SSCA, (FZ95 or BTIN or IMSL), IMSL or (MSAF-\*, MZRO-\*), ADEF, DPAH, PDDI-1, PDDI-4, SUDC, (SUVP or SUAP or SUOE or SUAO), AUTH, CDST, DCTX, DJST, NTFY, WDOG, FDRP, LMEM, FAIR, DOST, JSTY, LOGG, VULH
SP-WD-2: (KEVD or KEVA or KEVT or SCAN), SCFS, SSCA, (FZ95 or BTIN or IMSL), IMSL or (MSAF-\*, MZRO-\*), ADEF, DPAH, PDDI-1, PDDI-4, SUDC, (SUVP or SUAP or SUOE or SUAO), AUTH, CDST, DCTX, DJST, NTFY, WDOG, FDRP, LMEM, FAIR, DOST, MDOC, MPHY, JSTY, LOGG, VULH

SP-WD-3: (KEVD or KEVA or KEVT or SCAN), SCFS, SSCA, (FZ95 or BTIN or IMSL), IMSL or (MSAF-\*, MZRO-\*), ADEF, DPAH, PDDI-1, PDDI-4, SUDC, (SUVP or SUAP or SUOE or SUAO), AUTH, CDST, DCTX, DJST, (NTFY or WDOG), LMEM, DOST, JSTY, LOGG, VULH
SP-WD-3: (KEVD or KEVA or KEVT or SCAN), SCFS, SSCA, (FZ95 or BTIN or IMSL), IMSL or (MSAF-\*, MZRO-\*), ADEF, DPAH, PDDI-1, PDDI-4, SUDC, (SUVP or SUAP or SUOE or SUAO), AUTH, CDST, DCTX, DJST, (NTFY or WDOG), LMEM, DOST, MDOC, MPHY, JSTY, LOGG, VULH

SP-WD-4: (KEVD or KEVA or KEVT or SCAN), SCFS, SSCA, (FZ95 or BTIN or IMSL), IMSL or (MSAF-\*, MZRO-\*), ADEF, DPAH, PDDI-\*, SUDC, (SUVP or SUAP or SUOE or SUAO), AUTH, CDST, DCTX, DJST, NTFY, WDOG, FDRP, LMEM, FAIR, DOST, JSTY, LOGG, VULH
SP-WD-4: (KEVD or KEVA or KEVT or SCAN), SCFS, SSCA, (FZ95 or BTIN or IMSL), IMSL or (MSAF-\*, MZRO-\*), ADEF, DPAH, PDDI-\*, SUDC, (SUVP or SUAP or SUOE or SUAO), AUTH, CDST, DCTX, DJST, NTFY, WDOG, FDRP, LMEM, FAIR, DOST, MDOC, MPHY, JSTY, LOGG, VULH

### 5.3.2 Wireless network interface risk mitigation sets

SP-WL-1: (KEVD or KEVA or KEVT or SCAN), SCFS, SSCA, IMSL or (MSAF-\*, MZRO-\*), ADEF, DPAH, PDDI-1, SUDC, (SUVP or SUAP or SUOE or SUAO), AUTH, CDST, CDTX, IDST, DCTX, DJST, (NTFY or WDOG), LMEM, DOST, JSTY, LOGG, (RSET or INST or DELE), SDRF, VULH
SP-WL-1: (KEVD or KEVA or KEVT or SCAN), SCFS, SSCA, IMSL or (MSAF-\*, MZRO-\*), ADEF, DPAH, PDDI-1, SUDC, (SUVP or SUAP or SUOE or SUAO), AUTH, CDST, CDTX, IDST, DCTX, DJST, (NTFY or WDOG), LMEM, DOST, MDOC, JSTY, LOGG, (RSET or INST or DELE), SDRF, VULH

SP-WL-2: AUTH, KEVD, KEVA, (KEVT or SCAN), SCFS, SSCA, (FZ95 or BTIN or IMSL), IMSL or (MSAF-\*, MZRO-\*), ADEF, DPAH, PDDI-1, PDDI-4, SUDC, (SUAP or SUAO), AUTH, CDST, CDTX, IDST, DCTX, DJST, (NTFY or WDOG), LMEM, DOST, JSTY, LOGG, (RSET or INST or DELE), SDRF, VULH
SP-WL-2: AUTH, KEVD, KEVA, (KEVT or SCAN), SCFS, SSCA, (FZ95 or BTIN or IMSL), IMSL or (MSAF-\*, MZRO-\*), ADEF, DPAH, PDDI-1, PDDI-4, SUDC, (SUAP or SUAO), AUTH, CDST, CDTX, IDST, DCTX, DJST, (NTFY or WDOG), LMEM, MDOC, MPHY, DOST, JSTY, LOGG, (RSET or INST or DELE), SDRF, VULH

SP-WL-3: AUTH, KEVD, KEVA, (KEVT or SCAN), SCFS, SSCA, (FZ95 or BTIN or IMSL), IMSL or (MSAF-\*, MZRO-\*), ADEF, DPAH, PDDI-\*, SUDC, (SUAP or SUAO), AUTH, CDST, CDTX, IDST, DCTX, DJST, (NTFY or WDOG), LMEM, DOST, JSTY, LOGG, (RSET or INST or DELE), SDRF, VULH
SP-WL-3: AUTH, KEVD, KEVA, (KEVT or SCAN), SCFS, SSCA, (FZ95 or BTIN or IMSL), IMSL or (MSAF-\*, MZRO-\*), ADEF, DPAH, PDDI-\*, SUDC, (SUAP or SUAO), AUTH, CDST, CDTX, IDST, DCTX, DJST, (NTFY or WDOG), LMEM, DOST, MDOC, MPHY, JSTY, LOGG, (RSET or INST or DELE), SDRF, VULH

### 5.3.3 Virtual network interface risk mitigation sets

SP-VI-1: (KEVD or KEVA or KEVT or SCAN), SCFS, IMSL or (MSAF-\*, MZRO-\*), SUDC, (SUVP or SUAP or SUOE or SUAO), CDST, IDST, DCTX, DJST, (NTFY or WDOG), LMEM, DOST, JSTY, LOGG, SDRF, VULH

SP-VI-2: AUTH, KEVD, KEVA, (KEVT or SCAN), SCFS, SSCA, (FZ95 or BTIN or IMSL), IMSL or (MSAF-\*, MZRO-\*), ADEF, DPAH, PDDI-1, PDDI-3, PDDI-4, SUDC, (SUAP or SUAO), AUTH, CDST, IDST, DCST, DCTX, DJST, NTFY, WDOG, FDRP, LMEM, FAIR, DOST, JSTY, LOGG, (RSET or INST or DELE), SDRF, SDTR, VULH
SP-VI-2: AUTH, KEVD, KEVA, (KEVT or SCAN), SCFS, SSCA, (FZ95 or BTIN or IMSL), IMSL or (MSAF-\*, MZRO-\*), ADEF, DPAH, PDDI-1, PDDI-3, PDDI-4, SUDC, (SUAP or SUAO), AUTH, CDST, IDST, DCST, DCTX, DJST, NTFY, WDOG, FDRP, LMEM, FAIR, MDOC, MPHY, DOST, JSTY, LOGG, (RSET or INST or DELE), SDRF, SDTR, VULH

# 6 Conformity Assessment
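
Review bot: MDOC and MPHY are inserted at different positions across the profile lists: after DOST in SP-WD-2, SP-WD-3, SP-WD-4, SP-WL-1 and SP-WL-3, but before DOST in SP-WL-2 (after LMEM) and SP-VI-2 (after FAIR). Place them after DOST in every list so the sets stay easy to compare. SP-WD-1 and SP-VI-1 receive neither mitigation and SP-WL-1 receives MDOC only, which agrees with the NET impact table changed later in this commit, but that dependency is not stated anywhere in 5.3 and deserves a sentence.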

@@ -1470,7 +1505,7 @@ SP-VI-2: AUTH, KEVD, KEVA, (KEVT or SCAN), SCFS, SSCA, (FZ95 or BTIN or IMSL), I
| Integrity protection for data and configuration | IDST, IDTX                         |
| Data minimization                               | DMIN                               |
| Availability protection                         | AVAI, LMII                         |
| Minimize impact on other devices or services    | SDEF, AVAI, SSDD, LMII             |
| Minimize impact on other devices or services    | MINI, SDEF, AVAI, SSDD, LMII       |
| Limit attack surface                            | LMAS, SSDD, LMII                   |
| Exploit mitigation by limiting incident impact  | LMII, AVAI, SSDD                   |
| Logging and monitoring mechanisms               | LOGG                               |
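
Review bot: The row label reads "Minimize impact on other devices or services" while the clause added in this commit is titled "Minimize impact on other devices and services"; unless the label is a verbatim quote from another document, align the two wordings so a search for the requirement name finds both.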
@@ -1979,20 +2014,20 @@ Attacker may exploit vulnerabilities in the product to attack other products.
| NET = 2 & COM = 2 & ADM = 2   | High       | WL-2, WL-3, VI-2             |

| Risk factors | Impact | Security profiles                 |
|--------------|--------|-------------------|
| DOS = 2      | High   | TBD               |
| DOS = 1      | Medium | TBD               |
| DOS = 0      | Low    | TBD               |
|--------------|--------|-----------------------------------|
| NET = 0      | Low    | WD-1, VI-1                        |
| NET = 1      | Medium | WL-1,                             |
| NET = 2      | High   | WD-2, WD-3, WD-4, WL-2, WL-3, V-2 |

Requirements that mitigate this threat: NKEV, LMII, LMAS, LOGG, VULH
Requirements that mitigate this threat: NKEV, LMII, MINI, LMAS, LOGG, VULH

All mitigations from TH-KEVU apply, plus:

Mitigations for Impact:

* Medium to Low: TODO - if there aren't any differet from KEVU, merge
* Medium to Low: MDOC

* High to Low: TODO - if there aren't any differet from KEVU, merge
* High to Low: MDOC, MPHY

#### C.4.3.9 TH-MQSE: Masquerading authorized server
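
Review bot: The new security-profile cells look unfinished: "WL-1," carries a trailing comma, and "V-2" in the NET = 2 row is presumably VI-2, the name used in the table row just above and in 5.3.3. The risk factor column also switches from DOS to NET with no accompanying text, so add a sentence explaining why NET alone determines the impact for this threat, or keep the DOS factor if it is still meant to apply.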

@@ -2170,7 +2205,7 @@ This clause describes the metholodogy followed in the current text.
| UADT   | CDTX, DMIN, LMAS                         |
| AVAI   | AVAI, LMII, LMAS, LOGG, VULH             |
| PDOS   | AVAI, LMII, LMAS, LOGG                   |
| DDOS   | AVAI, LMII, LMAS, LOGG, VULH             |
| DDOS   | MINI, AVAI, LMII, LMAS, LOGG, VULH       |
| MQSE   | CDTX, IDTX, SCUD, LOGG                   |
| AHHS   | NKEV, SCUD, SSDD, LMII, LMAS, LOGG, SDEF |
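
Review bot: MINI is added only to the DDOS row here, so check it against the threat text edited in the previous hunk. If the threat section that precedes TH-MQSE is the DDOS threat, its requirement list (NKEV, LMII, MINI, LMAS, LOGG, VULH) and this row (MINI, AVAI, LMII, LMAS, LOGG, VULH) disagree on NKEV and AVAI, and MINI sits in a different position in each; reconcile the two lists in this commit or note why they differ.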