Update PDOS/DDOS risk formulas and related risk factors (0effe32a) · Commits · STAN4CRA / EN 304 626 Operating Systems

EN-304-626.md

+51 −51

Original line number	Diff line number	Diff line
		@@ -1920,16 +1920,16 @@ Mitigations for Impact:
		Attacker may use user or network access for a denial-of-service attack on product functions.

		\| Risk factors \| Likelihood \| \|
		\|---------------------\|------------\|---------------------------------\|
		\|---------------------\|------------\|---------------------------------------------\|
		\| max(CUSR, FNET) = 0 \| Low \| LR, IoT-\*, \|
		\| max(CUSR, FNET) = 1 \| Medium \| OT-1, WE-1, PC-\* \|
		\| max(CUSR, FNET) = 2 \| High \| RO-1, MOB-1, LA-\, PS-1, SE-\ \|
		\| max(CUSR, FNET) = 1 \| Medium \| OT-1, MOB-1, WE-1, PC-\, LA-\, SE-1, SE-2 \|
		\| max(CUSR, FNET) = 2 \| High \| RO-1, PS-1, SE-3 \|

		\| Risk factors \| Impact \| Security profiles \|
		\|--------------\|--------\|---------------------------------------------\|
		\| SENF = 0 \| Low \| LR, IoT-1 \|
		\| SENF = 1 \| Medium \| IoT-2, IoT-3, OT-1, WE-1, SE-3 \|
		\| SENF = 2 \| High \| RO-1, MOB-1, PC-\, LA-\, PS-1, SE-1, SE-2 \|
		\|--------------\|--------\|--------------------------------------\|
		\| SENF = 0 \| Low \| LR, IoT-1, IoT-2 \|
		\| SENF = 1 \| Medium \| IoT-3, WE-1, PC-1, LA-1, PS-1 \|
		\| SENF = 2 \| High \| RO-1, OT-1, MOB-1, PC-2, LA-2, SE-\* \|

		Requirements that mitigate this threat: AUTH, AVAI, LMII, LOGG, VULH

		@@ -1952,16 +1952,16 @@ Attacker may use the network to exploit vulnerabilities in the product to attack
		Guidance: Traffic amplication attacks and other misuses of product functions are considered vulnerabilities and/or unauthorized use for the purpose of this threat.

		\| Risk factors \| Likelihood \| Security profiles \|
		\|----------------------\|------------\|--------------------------\|
		\| FNET = 0 or ADMN = 0 \| Low \| LR, IoT-\, OT-\, SE-\* \|
		\| all others \| Medium \| RO-1, WE-1, PC-\*, LA-2 \|
		\| FNET = 2 & ADMN = 2 \| High \| MOB-1, LA-1 \|
		\|--------------\|------------\|------------------------------------------\|
		\| FNET = 0 \| Low \| LR, IoT-1, WE-1, \|
		\| FNET = 1 \| Medium \| IoT-2, IoT-3, OT-\, MOB-1, PC-\, LA-\* \|
		\| FNET = 2 \| High \| RO-1, PS-1, SE-\* \|

		\| Risk factors \| Impact \| Security profiles \|
		\|--------------\|--------\|-----------------------------\|
		\|--------------\|--------\|----------------------------------------\|
		\| TNET = 0 \| Low \| LR, IoT-1 \|
		\| TNET = 1 \| Medium \| IoT-2, IoT-3, OT-\, SE-\ \|
		\| TNET = 2 \| High \| RO-1, MOB-1, PC-\, LA-\ \|
		\| TNET = 1 \| Medium \| IoT-2, IoT-3, OT-\* \|
		\| TNET = 2 \| High \| RO-1, MOB-1, PC-\, LA-\, PS-1, SE-\* \|

		Requirements that mitigate this threat: NKEV, SSDD, MSAF, LMII, MINI, SCUD, LMAS, DMIN, AVAI, LOGG, VULH

		@@ -2041,20 +2041,20 @@ Mitigations for Impact:
		\|--------------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|-------\|
		\| UC-LR \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \|
		\| UC-IoT-1 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 1 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 2 \| 0 \| 3 \|
		\| UC-IoT-2 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 0 \| 1 \| 1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 2 \| 11 \|
		\| UC-IoT-3 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 1 \| 1 \| 2 \| 0 \| 1 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 2 \| 14 \|
		\| UC-RO-1 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 1 \| 1 \| 2 \| 0 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 1 \| 2 \| 17 \|
		\| UC-IoT-2 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 0 \| 1 \| 1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 12 \|
		\| UC-IoT-3 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 1 \| 1 \| 2 \| 0 \| 1 \| 0 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 15 \|
		\| UC-RO-1 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 2 \| 1 \| 2 \| 0 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 1 \| 2 \| 18 \|
		\| UC-OT-1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 1 \| 2 \| 2 \| 1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 1 \| 1 \| 0 \| 2 \| 12 \|
		\| UC-MOB-1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 2 \| 2 \| 2 \| 2 \| 31 \|
		\| UC-WE-1 \| 0 \| 0 \| 1 \| 1 \| 2 \| 1 \| 0 \| 1 \| 2 \| 1 \| 0 \| 0 \| 0 \| 1 \| 1 \| 0 \| 2 \| 1 \| 14 \|
		\| UC-MOB-1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 1 \| 2 \| 2 \| 2 \| 30 \|
		\| UC-WE-1 \| 0 \| 0 \| 1 \| 1 \| 2 \| 1 \| 0 \| 1 \| 2 \| 1 \| 0 \| 0 \| 0 \| 1 \| 0 \| 0 \| 2 \| 1 \| 13 \|
		\| UC-PC-1 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 1 \| 0 \| 2 \| 0 \| 2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 25 \|
		\| UC-PC-2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 1 \| 2 \| 25 \|
		\| UC-LA-1 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 1 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 2 \| 28 \|
		\| UC-LA-2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 1 \| 2 \| 28 \|
		\| UC-LA-1 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 1 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 2 \| 2 \| 2 \| 27 \|
		\| UC-LA-2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 2 \| 1 \| 2 \| 27 \|
		\| UC-PS-1 \| 2 \| 2 \| 2 \| 0 \| 2 \| 2 \| 1 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 1 \| 2 \| 24 \|
		\| UC-SE-1 \| 1 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 1 \| 1 \| 1 \| 0 \| 2 \| 20 \|
		\| UC-SE-2 \| 2 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 1 \| 1 \| 1 \| 0 \| 2 \| 21 \|
		\| UC-SE-3 \| 2 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 1 \| 1 \| 1 \| 0 \| 2 \| 22 \|
		\| UC-SE-1 \| 1 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 1 \| 1 \| 0 \| 2 \| 21 \|
		\| UC-SE-2 \| 2 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 1 \| 1 \| 0 \| 2 \| 22 \|
		\| UC-SE-3 \| 2 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 0 \| 2 \| 24 \|

		## C.6 Security profiles and security assurance levels

		@@ -2070,20 +2070,20 @@ Security profiles are associated with sets of risk factor levels. Each security
		\|--------------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|-------\|
		\| SP-LR \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \|
		\| SP-IoT-1 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 1 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 2 \| 0 \| 3 \|
		\| SP-IoT-2 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 0 \| 1 \| 1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 2 \| 11 \|
		\| SP-IoT-3 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 1 \| 1 \| 2 \| 0 \| 1 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 2 \| 14 \|
		\| SP-RO-1 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 1 \| 1 \| 2 \| 0 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 1 \| 2 \| 17 \|
		\| SP-IoT-2 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 0 \| 1 \| 1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 12 \|
		\| SP-IoT-3 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 1 \| 1 \| 2 \| 0 \| 1 \| 0 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 15 \|
		\| SP-RO-1 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 2 \| 1 \| 2 \| 0 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 1 \| 2 \| 18 \|
		\| SP-OT-1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 1 \| 2 \| 2 \| 1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 1 \| 1 \| 0 \| 2 \| 12 \|
		\| SP-MOB-1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 2 \| 2 \| 2 \| 2 \| 31 \|
		\| SP-WE-1 \| 0 \| 0 \| 1 \| 1 \| 2 \| 1 \| 0 \| 1 \| 2 \| 1 \| 0 \| 0 \| 0 \| 1 \| 1 \| 0 \| 2 \| 1 \| 14 \|
		\| SP-MOB-1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 1 \| 2 \| 2 \| 2 \| 30 \|
		\| SP-WE-1 \| 0 \| 0 \| 1 \| 1 \| 2 \| 1 \| 0 \| 1 \| 2 \| 1 \| 0 \| 0 \| 0 \| 1 \| 0 \| 0 \| 2 \| 1 \| 13 \|
		\| SP-PC-1 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 1 \| 0 \| 2 \| 0 \| 2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 25 \|
		\| SP-PC-2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 1 \| 2 \| 25 \|
		\| SP-LA-1 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 1 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 2 \| 28 \|
		\| SP-LA-2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 1 \| 2 \| 28 \|
		\| SP-LA-1 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 1 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 2 \| 2 \| 2 \| 27 \|
		\| SP-LA-2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 2 \| 1 \| 2 \| 27 \|
		\| SP-PS-1 \| 2 \| 2 \| 2 \| 0 \| 2 \| 2 \| 1 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 1 \| 2 \| 24 \|
		\| SP-SE-1 \| 1 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 1 \| 1 \| 1 \| 0 \| 2 \| 20 \|
		\| SP-SE-2 \| 2 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 1 \| 1 \| 1 \| 0 \| 2 \| 21 \|
		\| SP-SE-3 \| 2 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 1 \| 1 \| 1 \| 0 \| 2 \| 22 \|
		\| SP-SE-1 \| 1 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 1 \| 1 \| 0 \| 2 \| 21 \|
		\| SP-SE-2 \| 2 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 1 \| 1 \| 0 \| 2 \| 22 \|
		\| SP-SE-3 \| 2 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 0 \| 2 \| 24 \|

		### C.6.3 Security assurance levels

		@@ -2102,20 +2102,20 @@ Security assurance levels are informed by but not determined by the risk factor
		\|------------------\|------------------------------------------------------------------------\|----------\|------\|
		\| SP-LR \| Operating system for learning and research \| 0 \| LOW \|
		\| SP-IoT-1 \| Non-internet-connected device such as a bluetooth speaker \| 3 \| LOW \|
		\| SP-IoT-2 \| Internet-enabled power switch \| 11 \| LOW \|
		\| SP-IoT-3 \| Internet-connected "smart home" device \| 14 \| MED \|
		\| SP-RO-1 \| Consumer-grade home wireless router \| 17 \| MED \|
		\| SP-IoT-2 \| Internet-enabled power switch \| 12 \| MED \|
		\| SP-IoT-3 \| Internet-connected "smart home" device \| 15 \| MED \|
		\| SP-RO-1 \| Consumer-grade home wireless router \| 18 \| MED \|
		\| SP-OT-1 \| Business-grade remote door locking system \| 12 \| MED \|
		\| SP-MOB-1 \| Personal mobile device \| 31 \| HIGH \|
		\| SP-WE-1 \| Wearable health tracker \| 14 \| MED \|
		\| SP-MOB-1 \| Personal mobile device \| 30 \| HIGH \|
		\| SP-WE-1 \| Wearable health tracker \| 13 \| MED \|
		\| SP-PC-1 \| Personal computer in a fixed and generally safe location \| 25 \| MED \|
		\| SP-PC-2 \| Enterprise workstation in a fixed and generally safe location \| 25 \| MED \|
		\| SP-LA-1 \| Personal laptop \| 28 \| HIGH \|
		\| SP-LA-2 \| Enterprise laptop \| 28 \| HIGH \|
		\| SP-LA-1 \| Personal laptop \| 27 \| HIGH \|
		\| SP-LA-2 \| Enterprise laptop \| 27 \| HIGH \|
		\| SP-PS-1 \| Personal server \| 24 \| MED \|
		\| SP-SE-1 \| Enterprise server in a datacenter with no user accounts \| 20 \| MED \|
		\| SP-SE-2 \| Enterprise server in a datacenter with only trusted user accounts \| 21 \| MED \|
		\| SP-SE-3 \| Enterprise server in a datacenter hosting many untrusted user accounts \| 22 \| MED \|
		\| SP-SE-1 \| Enterprise server in a datacenter with no user accounts \| 21 \| MED \|
		\| SP-SE-2 \| Enterprise server in a datacenter with only trusted user accounts \| 22 \| MED \|
		\| SP-SE-3 \| Enterprise server in a datacenter hosting many untrusted user accounts \| 24 \| MED \|

		# Annex D (informative): Risk evaluation guidance

Original line number	Diff line number	Diff line
		@@ -1920,16 +1920,16 @@ Mitigations for Impact:
		Attacker may use user or network access for a denial-of-service attack on product functions.

		\| Risk factors \| Likelihood \| \|
		\|---------------------\|------------\|---------------------------------\|
		\|---------------------\|------------\|---------------------------------------------\|
		\| max(CUSR, FNET) = 0 \| Low \| LR, IoT-\*, \|
		\| max(CUSR, FNET) = 1 \| Medium \| OT-1, WE-1, PC-\* \|
		\| max(CUSR, FNET) = 2 \| High \| RO-1, MOB-1, LA-\, PS-1, SE-\ \|
		\| max(CUSR, FNET) = 1 \| Medium \| OT-1, MOB-1, WE-1, PC-\, LA-\, SE-1, SE-2 \|
		\| max(CUSR, FNET) = 2 \| High \| RO-1, PS-1, SE-3 \|

		\| Risk factors \| Impact \| Security profiles \|
		\|--------------\|--------\|---------------------------------------------\|
		\| SENF = 0 \| Low \| LR, IoT-1 \|
		\| SENF = 1 \| Medium \| IoT-2, IoT-3, OT-1, WE-1, SE-3 \|
		\| SENF = 2 \| High \| RO-1, MOB-1, PC-\, LA-\, PS-1, SE-1, SE-2 \|
		\|--------------\|--------\|--------------------------------------\|
		\| SENF = 0 \| Low \| LR, IoT-1, IoT-2 \|
		\| SENF = 1 \| Medium \| IoT-3, WE-1, PC-1, LA-1, PS-1 \|
		\| SENF = 2 \| High \| RO-1, OT-1, MOB-1, PC-2, LA-2, SE-\* \|

		Requirements that mitigate this threat: AUTH, AVAI, LMII, LOGG, VULH

		@@ -1952,16 +1952,16 @@ Attacker may use the network to exploit vulnerabilities in the product to attack
		Guidance: Traffic amplication attacks and other misuses of product functions are considered vulnerabilities and/or unauthorized use for the purpose of this threat.

		\| Risk factors \| Likelihood \| Security profiles \|
		\|----------------------\|------------\|--------------------------\|
		\| FNET = 0 or ADMN = 0 \| Low \| LR, IoT-\, OT-\, SE-\* \|
		\| all others \| Medium \| RO-1, WE-1, PC-\*, LA-2 \|
		\| FNET = 2 & ADMN = 2 \| High \| MOB-1, LA-1 \|
		\|--------------\|------------\|------------------------------------------\|
		\| FNET = 0 \| Low \| LR, IoT-1, WE-1, \|
		\| FNET = 1 \| Medium \| IoT-2, IoT-3, OT-\, MOB-1, PC-\, LA-\* \|
		\| FNET = 2 \| High \| RO-1, PS-1, SE-\* \|

		\| Risk factors \| Impact \| Security profiles \|
		\|--------------\|--------\|-----------------------------\|
		\|--------------\|--------\|----------------------------------------\|
		\| TNET = 0 \| Low \| LR, IoT-1 \|
		\| TNET = 1 \| Medium \| IoT-2, IoT-3, OT-\, SE-\ \|
		\| TNET = 2 \| High \| RO-1, MOB-1, PC-\, LA-\ \|
		\| TNET = 1 \| Medium \| IoT-2, IoT-3, OT-\* \|
		\| TNET = 2 \| High \| RO-1, MOB-1, PC-\, LA-\, PS-1, SE-\* \|

		Requirements that mitigate this threat: NKEV, SSDD, MSAF, LMII, MINI, SCUD, LMAS, DMIN, AVAI, LOGG, VULH

		@@ -2041,20 +2041,20 @@ Mitigations for Impact:
		\|--------------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|-------\|
		\| UC-LR \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \|
		\| UC-IoT-1 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 1 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 2 \| 0 \| 3 \|
		\| UC-IoT-2 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 0 \| 1 \| 1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 2 \| 11 \|
		\| UC-IoT-3 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 1 \| 1 \| 2 \| 0 \| 1 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 2 \| 14 \|
		\| UC-RO-1 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 1 \| 1 \| 2 \| 0 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 1 \| 2 \| 17 \|
		\| UC-IoT-2 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 0 \| 1 \| 1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 12 \|
		\| UC-IoT-3 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 1 \| 1 \| 2 \| 0 \| 1 \| 0 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 15 \|
		\| UC-RO-1 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 2 \| 1 \| 2 \| 0 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 1 \| 2 \| 18 \|
		\| UC-OT-1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 1 \| 2 \| 2 \| 1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 1 \| 1 \| 0 \| 2 \| 12 \|
		\| UC-MOB-1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 2 \| 2 \| 2 \| 2 \| 31 \|
		\| UC-WE-1 \| 0 \| 0 \| 1 \| 1 \| 2 \| 1 \| 0 \| 1 \| 2 \| 1 \| 0 \| 0 \| 0 \| 1 \| 1 \| 0 \| 2 \| 1 \| 14 \|
		\| UC-MOB-1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 1 \| 2 \| 2 \| 2 \| 30 \|
		\| UC-WE-1 \| 0 \| 0 \| 1 \| 1 \| 2 \| 1 \| 0 \| 1 \| 2 \| 1 \| 0 \| 0 \| 0 \| 1 \| 0 \| 0 \| 2 \| 1 \| 13 \|
		\| UC-PC-1 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 1 \| 0 \| 2 \| 0 \| 2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 25 \|
		\| UC-PC-2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 1 \| 2 \| 25 \|
		\| UC-LA-1 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 1 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 2 \| 28 \|
		\| UC-LA-2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 1 \| 2 \| 28 \|
		\| UC-LA-1 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 1 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 2 \| 2 \| 2 \| 27 \|
		\| UC-LA-2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 2 \| 1 \| 2 \| 27 \|
		\| UC-PS-1 \| 2 \| 2 \| 2 \| 0 \| 2 \| 2 \| 1 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 1 \| 2 \| 24 \|
		\| UC-SE-1 \| 1 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 1 \| 1 \| 1 \| 0 \| 2 \| 20 \|
		\| UC-SE-2 \| 2 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 1 \| 1 \| 1 \| 0 \| 2 \| 21 \|
		\| UC-SE-3 \| 2 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 1 \| 1 \| 1 \| 0 \| 2 \| 22 \|
		\| UC-SE-1 \| 1 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 1 \| 1 \| 0 \| 2 \| 21 \|
		\| UC-SE-2 \| 2 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 1 \| 1 \| 0 \| 2 \| 22 \|
		\| UC-SE-3 \| 2 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 0 \| 2 \| 24 \|

		## C.6 Security profiles and security assurance levels

		@@ -2070,20 +2070,20 @@ Security profiles are associated with sets of risk factor levels. Each security
		\|--------------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|------\|-------\|
		\| SP-LR \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \|
		\| SP-IoT-1 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 1 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 0 \| 2 \| 0 \| 3 \|
		\| SP-IoT-2 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 0 \| 1 \| 1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 2 \| 11 \|
		\| SP-IoT-3 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 1 \| 1 \| 2 \| 0 \| 1 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 2 \| 14 \|
		\| SP-RO-1 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 1 \| 1 \| 2 \| 0 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 1 \| 2 \| 17 \|
		\| SP-IoT-2 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 0 \| 1 \| 1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 12 \|
		\| SP-IoT-3 \| 0 \| 0 \| 1 \| 0 \| 1 \| 1 \| 1 \| 1 \| 2 \| 0 \| 1 \| 0 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 15 \|
		\| SP-RO-1 \| 0 \| 0 \| 1 \| 0 \| 1 \| 2 \| 2 \| 1 \| 2 \| 0 \| 0 \| 0 \| 0 \| 2 \| 2 \| 2 \| 1 \| 2 \| 18 \|
		\| SP-OT-1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 1 \| 2 \| 2 \| 1 \| 0 \| 0 \| 0 \| 0 \| 1 \| 1 \| 1 \| 0 \| 2 \| 12 \|
		\| SP-MOB-1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 2 \| 2 \| 2 \| 2 \| 31 \|
		\| SP-WE-1 \| 0 \| 0 \| 1 \| 1 \| 2 \| 1 \| 0 \| 1 \| 2 \| 1 \| 0 \| 0 \| 0 \| 1 \| 1 \| 0 \| 2 \| 1 \| 14 \|
		\| SP-MOB-1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 1 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 1 \| 2 \| 2 \| 2 \| 30 \|
		\| SP-WE-1 \| 0 \| 0 \| 1 \| 1 \| 2 \| 1 \| 0 \| 1 \| 2 \| 1 \| 0 \| 0 \| 0 \| 1 \| 0 \| 0 \| 2 \| 1 \| 13 \|
		\| SP-PC-1 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 1 \| 0 \| 2 \| 0 \| 2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 25 \|
		\| SP-PC-2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 1 \| 2 \| 25 \|
		\| SP-LA-1 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 1 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 2 \| 2 \| 28 \|
		\| SP-LA-2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 2 \| 2 \| 1 \| 2 \| 28 \|
		\| SP-LA-1 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 1 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 2 \| 2 \| 2 \| 27 \|
		\| SP-LA-2 \| 1 \| 1 \| 2 \| 1 \| 2 \| 2 \| 2 \| 1 \| 2 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 2 \| 1 \| 2 \| 27 \|
		\| SP-PS-1 \| 2 \| 2 \| 2 \| 0 \| 2 \| 2 \| 1 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 1 \| 2 \| 24 \|
		\| SP-SE-1 \| 1 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 1 \| 1 \| 1 \| 0 \| 2 \| 20 \|
		\| SP-SE-2 \| 2 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 1 \| 1 \| 1 \| 0 \| 2 \| 21 \|
		\| SP-SE-3 \| 2 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 1 \| 1 \| 1 \| 0 \| 2 \| 22 \|
		\| SP-SE-1 \| 1 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 1 \| 1 \| 0 \| 2 \| 21 \|
		\| SP-SE-2 \| 2 \| 1 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 1 \| 1 \| 0 \| 2 \| 22 \|
		\| SP-SE-3 \| 2 \| 2 \| 2 \| 0 \| 2 \| 2 \| 2 \| 0 \| 2 \| 0 \| 1 \| 1 \| 1 \| 2 \| 2 \| 1 \| 0 \| 2 \| 24 \|

		### C.6.3 Security assurance levels

		@@ -2102,20 +2102,20 @@ Security assurance levels are informed by but not determined by the risk factor
		\|------------------\|------------------------------------------------------------------------\|----------\|------\|
		\| SP-LR \| Operating system for learning and research \| 0 \| LOW \|
		\| SP-IoT-1 \| Non-internet-connected device such as a bluetooth speaker \| 3 \| LOW \|
		\| SP-IoT-2 \| Internet-enabled power switch \| 11 \| LOW \|
		\| SP-IoT-3 \| Internet-connected "smart home" device \| 14 \| MED \|
		\| SP-RO-1 \| Consumer-grade home wireless router \| 17 \| MED \|
		\| SP-IoT-2 \| Internet-enabled power switch \| 12 \| MED \|
		\| SP-IoT-3 \| Internet-connected "smart home" device \| 15 \| MED \|
		\| SP-RO-1 \| Consumer-grade home wireless router \| 18 \| MED \|
		\| SP-OT-1 \| Business-grade remote door locking system \| 12 \| MED \|
		\| SP-MOB-1 \| Personal mobile device \| 31 \| HIGH \|
		\| SP-WE-1 \| Wearable health tracker \| 14 \| MED \|
		\| SP-MOB-1 \| Personal mobile device \| 30 \| HIGH \|
		\| SP-WE-1 \| Wearable health tracker \| 13 \| MED \|
		\| SP-PC-1 \| Personal computer in a fixed and generally safe location \| 25 \| MED \|
		\| SP-PC-2 \| Enterprise workstation in a fixed and generally safe location \| 25 \| MED \|
		\| SP-LA-1 \| Personal laptop \| 28 \| HIGH \|
		\| SP-LA-2 \| Enterprise laptop \| 28 \| HIGH \|
		\| SP-LA-1 \| Personal laptop \| 27 \| HIGH \|
		\| SP-LA-2 \| Enterprise laptop \| 27 \| HIGH \|
		\| SP-PS-1 \| Personal server \| 24 \| MED \|
		\| SP-SE-1 \| Enterprise server in a datacenter with no user accounts \| 20 \| MED \|
		\| SP-SE-2 \| Enterprise server in a datacenter with only trusted user accounts \| 21 \| MED \|
		\| SP-SE-3 \| Enterprise server in a datacenter hosting many untrusted user accounts \| 22 \| MED \|
		\| SP-SE-1 \| Enterprise server in a datacenter with no user accounts \| 21 \| MED \|
		\| SP-SE-2 \| Enterprise server in a datacenter with only trusted user accounts \| 22 \| MED \|
		\| SP-SE-3 \| Enterprise server in a datacenter hosting many untrusted user accounts \| 24 \| MED \|

		# Annex D (informative): Risk evaluation guidance