EN-304-625.md +13 −1 Original line number Diff line number Diff line Loading @@ -1007,8 +1007,12 @@ The product shall require authorization by default to access security-relevant a ### 5.2.X **TR-CONF**: Confidentiality of assets The product shall protect confidential assets from unauthorized access. #### 5.2.X.x **MI-SCNF**: Confidentiality of data stored on the product FIXME split this up into types of data, which may require different mitigations The product shall protect confidential data stored on the product from unauthorized access. * Reference: TR-CONF Loading @@ -1035,6 +1039,8 @@ The product shall protect confidential data stored on the product from unauthori #### 5.2.X.x **MI-TCNF**: Confidentiality of data transmitted by product FIXME split this up into types of data transmitted, which may require different mitigations The product shall protect data transmitted by the product from unauthorized access. * Reference: TR-CONF Loading Loading @@ -1093,6 +1099,8 @@ All exposed interfaces on the product in any state that is part of its reasonabl The product shall provide a method of deleting all data and settings and resetting the product to its secure-by-default configuration. FIXME break this down into pieces, for types of data, for commands, for physical interfaces, for device drivers and virtual interfaces. #### 5.2.X.x **MI-RSET**: The product shall reset to its secure-by-default state after a power cycle or reset command. Loading @@ -1113,6 +1121,8 @@ The product shall reset to its secure-by-default state after a power cycle or re The product shall provide a method to securely transfer all data and settings from the product to other products or systems. FIXME break this down farther #### 5.2.X.x **MI-DTTH**: Data transfer to host The product shall provide a method by which an authorized user on the host system can securely read all data and settings from the product. Loading Loading 
@@ -1173,9 +1183,11 @@ All sources of data processed by the product in its secure-by-default configurat The product shall be securely updateable by the user. FIXME add versions for device driver and virtual interface. #### 5.2.X.x **MI-SCFM**: Secure update of firmware The physical network interface shall provide a method of updating its firmware from the host system. The product shall provide a method of updating its firmware from the host system. * Applicability: Product is a physical interface * Reference: TR-SCUD Loading
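Review bot: In the first hunk (@@ -1007,8 +1007,12 @@), the FIXME under MI-SCNF sits in the clause body between the heading and the "The product shall protect confidential data stored on the product" sentence, so it will render as part of the requirement text. Mark it as an editor's note or move it to a tracked issue, and name the data types the split is expected to produce so the follow-up has a defined scope.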
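Review bot: In the MI-TCNF hunk (@@ -1035,6 +1039,8 @@), the requirement below the new FIXME reads "protect data transmitted by the product" with no "confidential" qualifier, while MI-SCNF is limited to "confidential data stored on the product". If the split by type of transmitted data goes ahead, decide first whether all transmitted data is in scope or only confidential data, and align the wording of the two mitigations.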
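Review bot: In the reset hunk (@@ -1093,6 +1099,8 @@), the FIXME mixes two different axes in one list: what is being reset (types of data, commands) and what kind of product it applies to (physical interfaces, device drivers, virtual interfaces). Split the note along those two axes, since the second is already expressed elsewhere in the document through "Applicability:" bullets. The FIXME is also placed after the requirement sentence here but before it in the TR-CONF hunks; pick one position.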
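Review bot: In the data-transfer hunk (@@ -1113,6 +1121,8 @@), "FIXME break this down farther" gives no indication of how the requirement should be decomposed, unlike the other FIXMEs in this change, which name the axis (types of data, product types). State the intended breakdown, for example by destination, since MI-DTTH below already covers transfer to the host, and use "further" rather than "farther".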
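Review bot: In the MI-SCFM hunk (@@ -1173,9 +1183,11 @@), the rewritten sentence "The product shall provide a method of updating its firmware from the host system" carries no security property, although the heading is "Secure update of firmware" and the parent requirement says "securely updateable by the user". Since this line is being edited anyway, add the qualifier (for example "a method of securely updating its firmware") or state what "secure" requires here. With the subject generalized to "The product", the scope now rests entirely on the "Applicability: Product is a physical interface" bullet, so the device driver and virtual interface versions named in the FIXME will each need their own Applicability line.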