Add minimisation of impact requirement (49efef73) · Commits · STAN4CRA / EN 304 626 Operating Systems

EN-304-626.md

+40 −2

Original line number	Diff line number	Diff line
		@@ -1793,6 +1793,44 @@ Guidance: One type of event whose log message must take care to not accidentally

		> FIXME: Update when risk factors are updated

		5.X.Y TR-MIMP:

		The product shall minimise its negative impact on other products or services.

		5.X.Y.Z MI-MNET:

		The product shall minimise its negative impact on other products or services via the data it transmits on the network. Each source of network data shall be documented, along with the ways it can interfere with other products or services, and methods the product uses to minimise that interference.

		* Reference: TR-MIMP
		* Objective: Minimise negative impact on others
		* Preparation: List all sources of transmitted network data on the product
		* Activities: For each method of sending network data, examine the documentation of the ways it can interfere with other products or services, and what methods the product uses to minimise that interference
		* Verdict: Every method of sending network data is documented with ways it can interface and methods used to minimise => PASS, otherwise FAIL
		* Evidence: All configuration files for network services, documentation of network services and their impact and methods to minimise it, internal lists of listening ports, results of an external port scan

		5.X.Y.Z MI-MAMP:

		The product shall mitigate abuse of network services that amplify network traffic in manner that can be used to attack other devices. Each network service and its associated mitigations shall be documented.

		* Reference: TR-MIMP
		* Objective: Minimise negative impact on others
		* Preparation: List all network services that return responses larger than the recieved packet without authorization of the source
		* Activities: For each network service, examine the documentation of the steps taken to limit access, rate-limit, or otherwise mitigate the use of the service in traffic amplication attacks
		* Verdict: Every method of sending network data is documented with how its impact on others has been mitigated => PASS, otherwise FAIL
		* Evidence: All configuration files for network services, documentation of network services and their impact and methods to minimise it, internal lists of listening ports, results of an external port scan, calculation of traffic amplification factors

		\| Risk factors \| Requires mitigations \|
		\|---------------------\|----------------------\|
		\| TNET < 1 & FNET < 1 \| none \|
		\| TNET > 0 \| MNET \|
		\| FNET > 0 \| MAMP \|

		\| Security Profile \| Requires mitigations \|
		\|------------------\|----------------------\|
		\| LR, IoT-1 \| none \|
		\| IoT-2, IoT-3 \| MNET \|
		\| all others \| MNET, MAMP \|

		### 5.2.X TR-SCUD: Secure updates

		### 5.2.X.x Requirement
		@@ -2130,12 +2168,12 @@ Description: Firewall for enterprise network
		\| Secure design, development, production \| MSAF \|
		\| Secure by default configuration \| SDEF \|
		\| Secure updates \| SCUD \|
		\| Authentication and access control mechanisms \| \|
		\| Authentication and access control mechanisms \| _waiting on cross-vertical_ \|
		\| Confidentiality protection \| MISO, MSAF, CDST, CDTX \|
		\| Integrity protection for data and configuration \| MISO, IDST, IDTX \|
		\| Data minimization \| DMIN \|
		\| Availability protection \| \|
		\| Minimize impact on other devices or services \| \|
		\| Minimize impact on other devices or services \| MIMP \|
		\| Limit attack surface \| MISO, MSAF, LMAS \|
		\| Exploit mitigation by limiting incident impact \| MISO, MIME MSAF \|
		\| Logging and monitoring mechanisms \| LOGG \|

Original line number	Diff line number	Diff line
		@@ -1793,6 +1793,44 @@ Guidance: One type of event whose log message must take care to not accidentally

		> FIXME: Update when risk factors are updated

		5.X.Y TR-MIMP:

		The product shall minimise its negative impact on other products or services.

		5.X.Y.Z MI-MNET:

		The product shall minimise its negative impact on other products or services via the data it transmits on the network. Each source of network data shall be documented, along with the ways it can interfere with other products or services, and methods the product uses to minimise that interference.

		* Reference: TR-MIMP
		* Objective: Minimise negative impact on others
		* Preparation: List all sources of transmitted network data on the product
		* Activities: For each method of sending network data, examine the documentation of the ways it can interfere with other products or services, and what methods the product uses to minimise that interference
		* Verdict: Every method of sending network data is documented with ways it can interface and methods used to minimise => PASS, otherwise FAIL
		* Evidence: All configuration files for network services, documentation of network services and their impact and methods to minimise it, internal lists of listening ports, results of an external port scan

		5.X.Y.Z MI-MAMP:

		The product shall mitigate abuse of network services that amplify network traffic in manner that can be used to attack other devices. Each network service and its associated mitigations shall be documented.

		* Reference: TR-MIMP
		* Objective: Minimise negative impact on others
		* Preparation: List all network services that return responses larger than the recieved packet without authorization of the source
		* Activities: For each network service, examine the documentation of the steps taken to limit access, rate-limit, or otherwise mitigate the use of the service in traffic amplication attacks
		* Verdict: Every method of sending network data is documented with how its impact on others has been mitigated => PASS, otherwise FAIL
		* Evidence: All configuration files for network services, documentation of network services and their impact and methods to minimise it, internal lists of listening ports, results of an external port scan, calculation of traffic amplification factors

		\| Risk factors \| Requires mitigations \|
		\|---------------------\|----------------------\|
		\| TNET < 1 & FNET < 1 \| none \|
		\| TNET > 0 \| MNET \|
		\| FNET > 0 \| MAMP \|

		\| Security Profile \| Requires mitigations \|
		\|------------------\|----------------------\|
		\| LR, IoT-1 \| none \|
		\| IoT-2, IoT-3 \| MNET \|
		\| all others \| MNET, MAMP \|

		### 5.2.X TR-SCUD: Secure updates

		### 5.2.X.x Requirement
		@@ -2130,12 +2168,12 @@ Description: Firewall for enterprise network
		\| Secure design, development, production \| MSAF \|
		\| Secure by default configuration \| SDEF \|
		\| Secure updates \| SCUD \|
		\| Authentication and access control mechanisms \| \|
		\| Authentication and access control mechanisms \| _waiting on cross-vertical_ \|
		\| Confidentiality protection \| MISO, MSAF, CDST, CDTX \|
		\| Integrity protection for data and configuration \| MISO, IDST, IDTX \|
		\| Data minimization \| DMIN \|
		\| Availability protection \| \|
		\| Minimize impact on other devices or services \| \|
		\| Minimize impact on other devices or services \| MIMP \|
		\| Limit attack surface \| MISO, MSAF, LMAS \|
		\| Exploit mitigation by limiting incident impact \| MISO, MIME MSAF \|
		\| Logging and monitoring mechanisms \| LOGG \|