Commit 1befca9f authored by Aeva Black, committed by Valerie Aurora

add notes on mitigations and risks

parent 080b8f1a
+14 −2
@@ -605,6 +605,10 @@ FIXME prune this down to the most common use cases

Risk factors determine which mitigation(s) satisfy each of the technical requirements in Section 5.2. The manufacturer determines the level of each risk factor via the development of a threat model and risk profile based on the intended and foreseeable use and misuse of the operating system.

Risk factors may increase the likelihood of an incident, increase the impact of an incident, or both. As a result, different mitigation strategies may be more or less relevant to different risk factors. 

The overall risk related to each use case should be considered as a result of combining risk factors affecting both likelihood and impact of an incident. 

FIXME reference guidance on risk assessment when it exists.

#### 4.5.1.x Number of User Accounts
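Review bot: The added sentence "The overall risk related to each use case should be considered as a result of combining risk factors affecting both likelihood and impact of an incident" does not say how the factors are combined, and the only pointer is the FIXME that follows it, to guidance that does not exist yet. As written, two manufacturers with the same risk factors can arrive at different overall risk and therefore different mitigations. Consider either stating the combination rule here or saying explicitly that it is left to the manufacturer's threat model and risk profile, as the first paragraph of this hunk already implies. Both added paragraphs also end with trailing whitespace.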
@@ -906,7 +910,9 @@ The operating system often provides many security functions to other components

# 5 Requirements specifications

## 5.1 Notes on the structure of requirements
## 5.1 Notes 

### 5.1.1 Notes on the structure of requirements

The most important quality of a technical requirement is that it should ideally be objectively testable on an instance of the product and the documentation that is required to be produced and saved by the manufacturer (and provided to the MSA on request).

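Review bot: Retitling "## 5.1" from "Notes on the structure of requirements" to "Notes" and moving the old title down to "### 5.1.1" changes what any existing reference to Section 5.1, or any link to the old heading anchor, points at. Check the rest of the document for such references and update them to 5.1.1. The new "## 5.1 Notes " line carries a trailing space, and a more specific title would help readers scanning the table of contents.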
@@ -931,7 +937,13 @@ Optional:
* Requirements: features of the product as placed on the market necessary to run the test that aren't already required by some other technical requirement
* Documentation: any documentation the manufacturer must save for provision to the MSA in addition to the documentation required for every test

Applicability is based on the technical capabilities of the expected platform of deployment, as documented in TR-DPCP.
### 5.1.2 Notes on Mitigations

Specific technical mitigations should be articulated in relation to specific Risk Factors (Section 4.5). 

This 1-to-1 mapping enables clear identification of appropriate mitigations for each Use Case based on the mapping of risk factors to use cases. 

This also enables new use cases to be developed and, based on the existing list of risk factors, the relevant mitigations to be identified.

## 5.2 Technical security requirements specifications
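Review bot: "This 1-to-1 mapping" in the second paragraph of 5.1.2 is not established by the sentence before it, which only says mitigations should be articulated in relation to specific Risk Factors. It also conflicts with the risk-factor text in the first hunk ("which mitigation(s) satisfy each of the technical requirements" and "different mitigation strategies may be more or less relevant to different risk factors"), which reads as many-to-many. Either state the mapping rule explicitly, including what happens when one mitigation addresses several risk factors, or drop "1-to-1" and write "This mapping enables ...". Smaller points in the same section: "Risk Factors" and "Use Case" are capitalized in the first two paragraphs but "use cases" and "risk factors" are lower case in the third, the heading "Notes on Mitigations" is title case while 5.1.1 is sentence case, and the first two paragraphs end with trailing whitespace.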