Loading EN-304-626.md +14 −17 Original line number Diff line number Diff line Loading @@ -2070,13 +2070,13 @@ Attacker may use user or network access for a denial-of-service attack on produc | SENF = 1 | Medium | IoT-2, IoT-3, OT-1, WE-1, SE-3 | | SENF = 2 | High | RO-1, MOB-1, PC-\*, LA-\*, PS-1, SE-1, SE-2 | Requirements that mitigate this threat: AUTH, AVAI, LMII, LOGG Requirements that mitigate this threat: AUTH, AVAI, LMII, LOGG, VULH Mitigations for Likelihood: * Medium to Low: DOST * High to Low: DOST * High to Low: DOST, VULH Mitigations for Impact: Loading @@ -2102,7 +2102,7 @@ Guidance: Traffic amplication attacks and other misuses of product functions are | TNET = 1 | Medium | IoT-2, IoT-3, OT-\*, SE-\* | | TNET = 2 | High | RO-1, MOB-1, PC-\*, LA-\* | Requirements that mitigate this threat: NKEV, LMII, MINI, LMAS, LOGG, VULH Requirements that mitigate this threat: NKEV, SSDD, MSAF, LMII, MINI, SCUD, LMAS, DMIN, AVAI, LOGG, VULH All mitigations from TH-KEVU apply (using that requirement's risk formula), plus: Loading Loading 
@@ -2280,20 +2280,17 @@ This clause describes the methodology followed in the current text. ## D.2 Mapping of risks to requirements > TODO-HAS: Update below | Threat | Requirements | |--------|------------------------------------------| | KEVU | NKEV, SCUD, SSDD, LMII, LMAS, LOGG, VULH | | UEVU | SSDD, LMII, DMIN, LMAS, LOGG | | PHYS | SCDL, SDEF | | CONF | SDEF | | UADT | CDTX, DMIN, LMAS | | AVAI | AVAI, LMII, LMAS, LOGG, VULH | | PDOS | AVAI, LMII, LMAS, LOGG | | DDOS | MINI, AVAI, LMII, LMAS, LOGG, VULH | | MQSE | CDTX, IDTX, SCUD, LOGG | | AHHS | NKEV, SCUD, SSDD, LMII, LMAS, LOGG, SDEF | |--------|------------------------------------------------------------| | UEVU | SSDD, MSAF, LMII, LMAS, DMIN, LOGG | | KEVU | NKEV, SSDD, MSAF, LMII, SCUD, LMAS, DMIN, AVAI, LOGG, VULH | | CONF | CDST, SDEF, DMIN, LOGG | | UADT | CDTX, DMIN | | AVAI | AUTH, AVAI, LMAS, LOGG, VULH | | PDOS | AUTH, AVAI, LMAS, LOGG, VULH | | DDOS | AVAI, LMII, MINI, LMAS, LOGG, VULH | | MQSE | CDTX, CRYP, IDTX, AUTH, SCUD, LOGG | | LEAK | MISO, DMIN, VULH | ## D.3 Risk acceptance criteria Loading Loading
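Review bot: In the @@ -2070 hunk, the updated list "AUTH, AVAI, LMII, LOGG, VULH" matches none of the denial-of-service rows in the rewritten D.2 table. AVAI and PDOS are both given there as "AUTH, AVAI, LMAS, LOGG, VULH" (LMAS, not LMII), and the DDOS row has no AUTH. Decide whether this clause should cite LMII or LMAS, then make the clause and the table agree. Separately, VULH is added only to "High to Low: DOST, VULH" while "Medium to Low: DOST" is unchanged; if that asymmetry is intended, add a sentence saying why VULH is needed only when starting from High.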
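Review bot: In the @@ -2102 hunk, the new requirement list is the D.2 KEVU set plus MINI, which fits "All mitigations from TH-KEVU apply", but no row of the rewritten D.2 table carries that set. The only row containing MINI is DDOS, "AVAI, LMII, MINI, LMAS, LOGG, VULH", which lacks NKEV, SSDD, MSAF, SCUD and DMIN. If this clause is the DDOS threat, either extend that row or state in D.2 that requirements inherited from KEVU are not repeated there. The context lines also read "Traffic amplication" (amplification) and "that requirement's risk formula" although TH-KEVU is a threat; both are worth correcting while this clause is being touched.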
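Review bot: In the @@ -2280 hunk, the PHYS and AHHS rows are deleted and the "TODO-HAS: Update below" marker is removed, yet nothing visible in this diff removes or renames those threats in the body. Confirm that they no longer exist in the threat clauses; otherwise they are left without a mapping while the table now reads as final. The new rows introduce MSAF, CDST, CRYP and MISO, none of which appear in the old table, so check that each has a requirement clause to point at. Minor: the header row "| Threat | Requirements |" is unchanged while the separator row is widened, and UEVU now precedes KEVU; re-pad the header and settle on one row order (for example, the order in which the threats appear in the body).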