Loading EN-304-626.md +14 −14 Original line number Diff line number Diff line Loading @@ -2035,21 +2035,21 @@ Mitigations for Impact: * High to Low: DJST #### C.4.3.6 TH-PDOS: Denial of service attack on product functions via system or network access #### C.4.3.6 TH-PDOS: Denial of service attack on product functions via user or network access Attacker may use host system or network access for a denial-of-service attack on product functions. Attacker may use user or network access for a denial-of-service attack on product functions. | Risk factors | Likelihood | | |-------------------|------------|------------------------------------| | max(SFT, NET) = 0 | Low | WD-1 | | max(SFT, NET) = 1 | Medium | WL-1, VI-1 | | max(SFT, NET) = 2 | High | WD-2, WD-3, WD-4, WL-2, WL-3, VI-2 | |---------------------|------------|---------------------------------| | max(CUSR, FNET) = 0 | Low | LR, IoT-\*, | | max(CUSR, FNET) = 1 | Medium | OT-1, WE-1, PC-\* | | max(CUSR, FNET) = 2 | High | RO-1, MOB-1, LA-\*, PS-1, SE-\* | | Risk factors | Impact | Security profiles | |--------------|--------|-------------------------| | SENF = 0 | Low | none | | SENF = 1 | Medium | WD-1, WD-3, WL-\*, VI-1 | | SENF = 2 | High | WD-2, WD-4, VI-2 | |--------------|--------|---------------------------------------------| | SENF = 0 | Low | LR, IoT-1 | | SENF = 1 | Medium | IoT-2, IoT-3, OT-1, WE-1, SE-3 | | SENF = 2 | High | RO-1, MOB-1, PC-\*, LA-\*, PS-1, SE-1, SE-2 | Requirements that mitigate this threat: AUTH, AVAI, LMII, LOGG Loading @@ -2061,9 +2061,9 @@ Mitigations for Likelihood: Mitigations for Impact: * Medium to Low: (NTFY or WDOG), LMEM, LOGG * Medium to Low: LMEM, LOGG * High to Low: NTFY, WDOG, FDRP, LMEM, FAIR, LOGG * High to Low: AVNT, WDOG, FDRP, LMEM, FAIR, LOGG #### C.4.3.7 TH-DDOS: Denial of service attack on other products via exploitation of vulnerabilities or unauthorized use of product functions Loading TRs_and_MIs.txt +1 −1 Original line number Diff line number Diff line Loading @@ -67,6 +67,7 @@ MI-ADEF: Authorization required by default to access security-relevant assets MI-PDDI-1: Document how to protect access to debug/management interfaces MI-PDDI-2: Protect or disable local software access to debug/management interfaces MI-PDDI-3: Protect or disable network access to debug/management interfaces MI-DOST: Document risk transfer to operational environment for denial of service MI-SCHL: Low security updates provided by operational environment MI-SCHM: Medium security updates provided by operational environment MI-SCHH: High security updates provided by operational environment Loading @@ -90,7 +91,6 @@ MI-WDOG: Watchdog and self-initiated reset MI-FDRP: Fast packet drop MI-LMEM: Limit memory usage MI-FAIR: Fair resource usage and prioritization MI-DOST: Document risk transfer to operational environment for denial of service MI-LOGG: Logging MI-RSET: Secure deletion via reset MI-INST: Secure deletion via reinstallation Loading Loading
EN-304-626.md +14 −14 Original line number Diff line number Diff line Loading @@ -2035,21 +2035,21 @@ Mitigations for Impact: * High to Low: DJST #### C.4.3.6 TH-PDOS: Denial of service attack on product functions via system or network access #### C.4.3.6 TH-PDOS: Denial of service attack on product functions via user or network access Attacker may use host system or network access for a denial-of-service attack on product functions. Attacker may use user or network access for a denial-of-service attack on product functions. | Risk factors | Likelihood | | |-------------------|------------|------------------------------------| | max(SFT, NET) = 0 | Low | WD-1 | | max(SFT, NET) = 1 | Medium | WL-1, VI-1 | | max(SFT, NET) = 2 | High | WD-2, WD-3, WD-4, WL-2, WL-3, VI-2 | |---------------------|------------|---------------------------------| | max(CUSR, FNET) = 0 | Low | LR, IoT-\*, | | max(CUSR, FNET) = 1 | Medium | OT-1, WE-1, PC-\* | | max(CUSR, FNET) = 2 | High | RO-1, MOB-1, LA-\*, PS-1, SE-\* | | Risk factors | Impact | Security profiles | |--------------|--------|-------------------------| | SENF = 0 | Low | none | | SENF = 1 | Medium | WD-1, WD-3, WL-\*, VI-1 | | SENF = 2 | High | WD-2, WD-4, VI-2 | |--------------|--------|---------------------------------------------| | SENF = 0 | Low | LR, IoT-1 | | SENF = 1 | Medium | IoT-2, IoT-3, OT-1, WE-1, SE-3 | | SENF = 2 | High | RO-1, MOB-1, PC-\*, LA-\*, PS-1, SE-1, SE-2 | Requirements that mitigate this threat: AUTH, AVAI, LMII, LOGG Loading @@ -2061,9 +2061,9 @@ Mitigations for Likelihood: Mitigations for Impact: * Medium to Low: (NTFY or WDOG), LMEM, LOGG * Medium to Low: LMEM, LOGG * High to Low: NTFY, WDOG, FDRP, LMEM, FAIR, LOGG * High to Low: AVNT, WDOG, FDRP, LMEM, FAIR, LOGG #### C.4.3.7 TH-DDOS: Denial of service attack on other products via exploitation of vulnerabilities or unauthorized use of product functions Loading
TRs_and_MIs.txt +1 −1 Original line number Diff line number Diff line Loading @@ -67,6 +67,7 @@ MI-ADEF: Authorization required by default to access security-relevant assets MI-PDDI-1: Document how to protect access to debug/management interfaces MI-PDDI-2: Protect or disable local software access to debug/management interfaces MI-PDDI-3: Protect or disable network access to debug/management interfaces MI-DOST: Document risk transfer to operational environment for denial of service MI-SCHL: Low security updates provided by operational environment MI-SCHM: Medium security updates provided by operational environment MI-SCHH: High security updates provided by operational environment Loading @@ -90,7 +91,6 @@ MI-WDOG: Watchdog and self-initiated reset MI-FDRP: Fast packet drop MI-LMEM: Limit memory usage MI-FAIR: Fair resource usage and prioritization MI-DOST: Document risk transfer to operational environment for denial of service MI-LOGG: Logging MI-RSET: Secure deletion via reset MI-INST: Secure deletion via reinstallation Loading
