Commit ccb9211b authored by Valerie Aurora (Bow Shock)'s avatar Valerie Aurora (Bow Shock)
Browse files

Add references and references to references 

Co-authored-by: ETSI EditHelp
parent 739a4da1

EN-304-626.md

+20 −6
Original line number Diff line number Diff line
@@ -246,19 +246,34 @@ References are either specific (identified by date of publication and/or edition 


The following referenced documents may be useful in implementing an ETSI deliverable or add to the reader's understanding but are not required for conformance to the present document.



* <a name="_ref_i.1">[i.1]</a>    BSI CC-PP-0067 "Operating System Protection Profile".

* <a name="_ref_i.1">[i.1]</a>    Regulation (EU) 2024/2847 of the European Parliament and of the Council of 23 October 2024 on horizontal cybersecurity requirements for products with digital elements and amending Regulations (EU) No 168/2013 and (EU) 2019/1020 and Directive (EU) 2020/1828 (Cyber Resilience Act).



* <a name="_ref_i.number">[i.number]</a>    ETSI TS 103 732 "Consumer Mobile Device Protection Profile".

* <a name="_ref_i.2">[i.2]</a>    C(2025)618 – Standardisation request M/606: Commission Implementing decision of 3.2.2025 on a standardisation request to the European Committee for Standardisation (CEN), the European Committee for Electrotechnical Standardisation (Cenelec) and the European Telecommunications Standards Institute (ETSI) as regards products with digital elements in support of Regulation (EU) 2024/2847 of the European Parliament and of the Council of 23 October 2024 on horizontal cybersecurity requirements for products with digital elements and amending Regulations (EU) No 168/2013 and (EU) 2019/1020 and Directive (EU) 2020/1828 (Cyber Resilience Act).



* <a name="_ref_i.3">[i.3]</a>    ETSI EN 303 645: "CYBER; Cyber Security for Consumer Internet of Things: Baseline Requirements".



* <a name="_ref_i.4">[i.4]</a>    ETSI TS 103 701: "Cyber Security (CYBER); Cyber Security for Consumer Internet of Things:Conformance Assessment of Baseline Requirements".



* <a name="_ref_i.5">[i.5]</a>    EN 18031 series: "Common security requirements for radio equipment" (produced by CEN/CENELEC).



* <a name="_ref_i.6">[i.6]</a>    CEN/CLC JTC13: "Cybersecurity and Data Protection".



* <a name="_ref_i.7">[i.7]</a>    ISO/IEC 15408: "Information security, cybersecurity and privacy protection — Evaluation criteria for IT security".



* <a name="_ref_i.8">[i.8]</a>    BSI CC-PP-0067 "Operating System Protection Profile".



* <a name="_ref_i.9">[i.9]</a>    ETSI TS 103 732 "Consumer Mobile Device Protection Profile".



* <a name="_ref_i.number">[i.number]</a>    &lt;Standard Organization acronym> &lt;document number> (&lt;version number>): "&lt;Title>".





# 3 Definition of terms, symbols and abbreviations



> **NOTE: Existing ETSI terms and abbrevations can be searched here: [https://webapp.etsi.org/Teddi/](https://webapp.etsi.org/Teddi/)**



## 3.1 Terms



This clause provides terms and definitions based on CEN/CLC JTC13 WG09's work on terms and definitions, terms and definitions provided by ETSI EN 303 645/TS 103 701 and by CEN/CLC EN 18031 series, and informed by terms used in the Common Criteria and the NIAP Operating System Protection Plan guide.

This clause provides terms and definitions based on CEN/CLC JTC13 WG09's <a href="#_ref_i.6">[i.6]</a> work on terms and definitions, terms and definitions provided by ETSI EN 303 645/TS 103 701 <a href="#_ref_i.3">[i.3]</a> and by CEN/CLC EN 18031 <a href="#_ref_i.5">[i.5]</a> series, and informed by terms used in the Common Criteria and the NIAP Operating System Protection Plan <a href="#_ref_i.8">[i.8]</a>guide.



For the purposes of the present document, the following terms apply:
@@ -273,8 +288,7 @@ For the purposes of the present document, the following terms apply: 


**Input/Output:** The process or function for passing data to or from a given process over a specific interface. Such I/O interfaces include, but are not limited to, serial ports, network ports, long-term storage devices including hard drives and flash drives, as well as human-interface ports such as display and audio devices.



**Common Criteria (CC):** Common Criteria for Information Technology Security Evaluation (International Standard

ISO/IEC 15408).

**Common Criteria (CC):** Common Criteria for Information Technology Security Evaluation (International Standard ISO/IEC 15408).<a href="#_ref_i.7">[i.7]</a>



**Administrator:** An entity that is responsible for management activities, including setting policies that are applied by the enterprise on the operating system. This administrator could be acting remotely through a management server, from which the system receives configuration policies. An administrator can enforce settings on the system which cannot be overridden by non-administrator users.
@@ -337,7 +351,7 @@ For the purposes of the present document's risk analysis, the following abbrevia 


## 4.1 General



> NOTE: This clause's structure is built upon CEN/CLC JTC13 PT01's deliverable and might require restructuring based on its progress.

> NOTE: This clause's structure is built upon CEN/CLC JTC13 PT01's <a href="#_ref_i.6">[i.6]</a>deliverable and might require restructuring based on its progress.



## 4.2 Out of scope use/environments