Commit 3f82efb9 authored by Valerie Aurora (Bow Shock)

Remove host reference & duplicate DMIN, update CRA mapping

parent fe909a91
+12 −42
@@ -1309,9 +1309,9 @@ The product shall reset to its secure-by-default state after a power cycle or re

The product shall provide a method to securely transfer all data and settings from the product to other products or systems.

#### 5.2.X.x **MI-DTTH**: Data transfer to host
#### 5.2.X.x **MI-DTTH**: Data transfer

The product shall provide a method by which an authorized user on the host system can securely read all data and settings from the product.
The product shall provide a method by which an authorized user can securely read all data and settings from the product.

  * Reference: TR-SDTR

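Review bot: the identifier MI-DTTH still spells out "Data transfer to host" while the heading and requirement text now drop the host, so the abbreviation and its title disagree; either keep "to host" in the heading or rename the mitigation so the ID matches. With "on the host system" removed, the reworded requirement ("an authorized user can securely read all data and settings from the product") also overlaps the preceding sentence, which already requires a method to securely transfer all data and settings to other products or systems; naming the interface over which the authorized read happens would keep the two requirements distinguishable.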
@@ -1365,36 +1365,6 @@ All sources of data processed by the product in its secure-by-default configurat
|---------------------|----------------------|
| any                 | DJST                 |

### 5.2.X **TR-DMIN**:

The product shall minimize the data processed.

#### 5.2.X.x **MI-DJST**: Document and justify processed data

All sources of data processed by the product in its secure-by-default configuration shall be documented. All sources of data processed shall have a documented rationale for why its processing is necessary for the functioning of the product in its secure-by-default configuration.

  * Reference: TR-DMIN

  * Objective: Minimize data processed

  * Preparation: List all potential sources of data for the product. For each source of data, identify a method to detect whether the product is processing data from that source. List all states of the product with different exposed interfaces of the product in its secure-by-default configuration, including but not limited to initial configuration, startup, in use, idle, shutdown, and reset, if applicable. For each distinct source of data processed in any state of the product in its secure-by-default configuration, describe the data processed and why it must be processed for the product to perform its functions.

  * Activities: Using the list of sources of data, the list of states of the product, and the method to detect whether the product is processing data from that source, list all sources of data processed in each state. Compare to the documented list.

  * Verdict: All sources of processed data are documented, including rationale => PASS, otherwise => FAIL

  * Evidence: List of sources of data, list of product states, documentation of each source of data, list of sources of data processed in each state, connection between each discovered source of processed data to its documentation

#### 5.2.X.x Mapping of mitigations to risk factors and security profiles

| Risk factors        | Requires mitigations |
|---------------------|----------------------|
| any                 | DJST                 |

| Security Profile    | Requires mitigations |
|---------------------|----------------------|
| any                 | DJST                 |

### 5.2.X **TR-SCUD**: Secure updates

The product shall be securely updateable by the user.
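Review bot: the deletion removes the entire second TR-DMIN block, including the MI-DJST test method (Preparation, Activities, Verdict, Evidence) and both mapping tables, but the surviving copy is only visible here as the trailing `| any | DJST |` row at the top of the hunk; confirm the retained section carries the same Verdict and Evidence bullets so no test content is lost. The removed heading `### 5.2.X **TR-DMIN**:` also had no title text, so check that the retained heading is not the one missing its title (the Annex table in this commit calls the requirement "Data minimization").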
@@ -2144,18 +2114,18 @@ FIXME should be Annex ZA
|-------------------------------------------------|------------------------------------|
| No known exploitable vulnerabilities            |                                    |
| Secure design, development, production          | TEST?                              |
| Secure by default configuration                 |                                    |
| Secure updates                                  |                                    |
| Authentication and access control mechanisms    | MISO                               |
| Confidentiality protection                      | MISO                               |
| Secure by default configuration                 | SDEF                               |
| Secure updates                                  | SCUD                               |
| Authentication and access control mechanisms    |                                    |
| Confidentiality protection                      | MISO, MSAF, CONF                   |
| Integrity protection for data and configuration | MISO                               |
| Data minimization                               |                                    |
| Data minimization                               | DMIN                               |
| Availability protection                         |                                    |
| Minimize impact on other devices or services    |                                    |
| Limit attack surface                            | MISO, MINI                         |
| Exploit mitigation by limiting incident impact  | MISO                               |
| Logging and monitoring mechanisms               |                                    |
| Secure deletion and data transfer               |                                    |
| Limit attack surface                            | MISO, MSAF, LMAS                   |
| Exploit mitigation by limiting incident impact  | MISO, MSAF                         |
| Logging and monitoring mechanisms               | LSRE, LLTP, RLTP                   |
| Secure deletion and data transfer               | SCDL, SDTR                         |

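Review bot: the "Authentication and access control mechanisms" row goes from MISO to an empty cell, leaving that CRA requirement with no mapped mitigation, and the commit message says nothing about it; if MISO was dropped deliberately, say so in the message, otherwise map the relevant mitigation. The table also still ships placeholders: "TEST?" against "Secure design, development, production", empty cells for "No known exploitable vulnerabilities", "Availability protection" and "Minimize impact on other devices or services", and the hunk header's "FIXME should be Annex ZA". Lastly, "Integrity protection for data and configuration" keeps MISO alone while "Confidentiality protection" gains MSAF and CONF; if MSAF applies to confidentiality it is worth checking whether it also applies to integrity.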
# Annex B (informative): Relationship between the present document and any related ETSI standards (if any)