@@ -1872,18 +1872,10 @@ _List any related ETSI standards and how they interact with the present document
> Example threats can be found in the same documents suggested in the section on security requirements.
From NIAP PP for OS:
T.NETWORK ATTACK: An attacker is positioned on a communications channel or elsewhere on the network infrastructure. Attackers may engage in communications with applications and services running on or part of the OS with the intent of compromise. Engagement may consist of altering existing legitimate communications.
T.NETWORK EAVESDROP: An attacker is positioned on a communications channel or elsewhere on the network infrastructure. Attackers may monitor and gain access to data exchanged between applications and services that are running on or part of the OS.
T.LOCAL ATTACK: An attacker may compromise applications running on the OS. The compromised application may provide maliciously formatted input to the OS through a variety of channels including unprivileged system calls and messaging via the file system.
T.LIMITED PHYSICAL ACCESS An attacker may attempt to access data on the OS while having a limited amount of time with the physical device.
From BSI Common Criteria Protection Profile:
TSF = Target of evaluation Security Function
T.ACCESS.TSFDATA: A threat agent might read or modify TSF data without the necessary
authorization when the data is stored or transmitted.
