Commit a4231db0 authored by Valerie Aurora's avatar Valerie Aurora

Add secure data transfer requirement

parent 991968ef
+23 −3
@@ -1104,15 +1104,35 @@ The product shall reset to its secure-by-default state after a power cycle or re

  * Evidence: Record of each type of data or setting, what data or setting was written, what data or setting was returned by the first read, and what data or setting was returned by the second read, comparison of each one

### 5.2.X **TR-SDTR**: Secure data transfer

The device shall provide a method to securely transfer all data and settings from the device to other devices or systems.

#### 5.2.X.x **MI-DTTH**: Data transfer to host

The device shall provide a method by which an authorized user on the host system can securely read all data and settings from the device.

  * Reference: TR-SDTR

  * Objective: Secure data transfer

  * Preparation: List all data and settings.

  * Activities: For each kind of data or setting, read the data or setting as an authorized user, then attempt read the data or setting as an unauthorized user, if any exists

  * Verdict: All data and settings can be read by the authorized user, and no data or setting can be read by an unauthorized user

  * Evidence: List of data and settings, log message showing success or failure of each read by the authorized user and, if applicable, the unauthorized user

#### 5.2.X.x Mapping of mitigations to risk factors and security profiles

| Risk factors        | Requires mitigations |
|---------------------|----------------------|
| any                 | RSET                 |
| any                 | RSET and DTTH        |

| Security Profile    | Requires mitigations |
|---------------------|----------------------|
| any                 | RSET                 |
| any                 | RSET and DTTH        |

### 5.2.X **TR-DMIN**:

@@ -1258,7 +1278,7 @@ Suggested type of tests include, but are not limited to:
| Limit attack surface                            | LMAS                               |
| Exploit mitigation by limiting incident impact  | MDNF, IMEM                         |
| Logging and monitoring mechanisms               | MDNF                               |
| Secure deletion and data transfer               | SCDL                               |
| Secure deletion and data transfer               | SCDL, SDTR                         |

# Annex B (informative): Relationship between the present document and any related ETSI standards (if any)
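Review bot: The new annex row maps "Secure deletion and data transfer" to "SCDL, SDTR", but the mitigation tables added earlier in this commit reference the mitigation as "DTTH" (with SDTR being the parent test requirement TR-SDTR); use one identifier consistently across the annex and the section 5.2.X mapping tables so that a reader can trace the row back to the mitigation being tested.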