## Vertical Standard Comment Please complete the below fields. Further instructions can be found in the repositories README.md Do not forget to add a Label, using the sidebar on the right. **Standard Version (see README.md for info)**: **Line Number**: **Clause/Subclause**: **Paragraph/Figure/Table**: **Comment**: These COM chapter can't be exclusive. **\[COM\]** Complexity of network interface implementation * **\[COM-L-0\]** Minimal features to send/recv packets * **\[COM-L-1\]** Some simple performance features * **\[COM-L-2\]** Encryption features on device * **\[COM-L-3\]** Entire RTOS managing radio, PXE boot, remote management, or similar Example : a Bluetooth USB dongle. It supports L-2 to encrypt Bluetooth packet using AES-128 and have a RTOS inside to manage the lower part of the Bluetooth stack so it support L-3 as well. L-1 is not clear, what kind of performance feature this is related to ? Throughput ? Power consumption ? Radio performance ? I don't see how the performance could play a role on cybersecurity. **Proposed Changes:** * **\[COM-L-0\]** Minimal feature to send/receive analog signals, typically used in Software Defined (Radio) products. e.g. IRDA, FM tranceivers, CAN bus transceivers, GMSL video tranceivers, 4-20 mA tranceiver. * **\[COM-L-1\]** Minimal features to send/recv packets without any firmware involved or a micro-firmware for signal processing and analog control only (RF control, power amplifier control, Low Noise amplifier control, error correction decoder...) e.g. ISM radio transceiver, Ethernet PHY. * **\[COM-L-2\]** More advanced features supporting access control layer and/or network stack implemented by a firmware or HW. e.g. Wifi transceiver, PLC modem, * \[COM-L-3\] Network interface with network service implemented by a firmware e.g. embedded web server, device management client/server (LWM2M, SNMP...), Bluetooth GATT/ATT profile, e.g. Cellular modem module, Wifi Network coprocessor, ==\> Case L-3 will require mandatory security layers, case L-2 can support security layer or it could be implemented in the host. So the proposal is to add another chapter regarding the security, especially the security storage which will enable a lot of risk on the network interface. \[SEC-L-0\] No security assets stored and used in the network interface. The security layers may be supported in upper layer on top of the network interface. \[SEC-L-1\] Security assets are used by the network interface but dynamically provided through the API. e.g. Wifi WPA session keys, MACSec keys in MACSec PHY. \[SEC-L-2\] Security assets are used and stored in the network interface. e.g. Cellular modem, Matter certificate chain in Matter controller, LoRAWAN keys, Wifi password in a Wifi Network controler...