Loading EN-304-626.md +9 −9 Original line number Diff line number Diff line Loading @@ -2279,9 +2279,9 @@ Mitigations for Likelihood: | **UC-LA-1** | 1 | 2 | 2 | 2 | 2 | 2 | 1 | 3 | 1 | 1 | 2 | 2 | 2 | 2 | 2 | 2 | 3 | 31 | | **UC-LA-2** | 1 | 2 | 2 | 2 | 3 | 3 | 1 | 3 | 1 | 1 | 2 | 2 | 2 | 2 | 1 | 1 | 3 | 31 | | **UC-PS-1** | 1 | 2 | 2 | 2 | 2 | 2 | 0 | 3 | 0 | 1 | 2 | 1 | 2 | 2 | 0 | 1 | 2 | 24 | | **UC-SE-1** | 0 | 0 | 2 | 3 | 3 | 3 | 0 | 3 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 21 | | **UC-SE-2** | 1 | 1 | 2 | 3 | 3 | 3 | 0 | 3 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 23 | | **UC-SE-3** | 2 | 3 | 2 | 3 | 3 | 3 | 0 | 3 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 25 | | **UC-SE-1** | 0 | 0 | 2 | 3 | 3 | 3 | 0 | 2 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 20 | | **UC-SE-2** | 1 | 1 | 2 | 3 | 3 | 3 | 0 | 2 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 22 | | **UC-SE-3** | 2 | 3 | 2 | 3 | 3 | 3 | 0 | 2 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 24 | ## C.6 Security profiles and security assurance levels Loading @@ -2308,9 +2308,9 @@ Security profiles are associated with sets of risk factor levels. Each security | **SP-LA-1** | 1 | 2 | 2 | 2 | 2 | 2 | 1 | 2 | 1 | 1 | 2 | 2 | 2 | 2 | 2 | 2 | 3 | 31 | | **SP-LA-2** | 1 | 2 | 2 | 2 | 3 | 3 | 1 | 2 | 1 | 1 | 2 | 2 | 2 | 2 | 1 | 1 | 3 | 31 | | **SP-PS-1** | 1 | 2 | 2 | 2 | 2 | 2 | 0 | 2 | 0 | 1 | 2 | 1 | 2 | 2 | 0 | 1 | 2 | 23 | | **SP-SE-1** | 0 | 0 | 2 | 3 | 3 | 3 | 0 | 3 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 21 | | **SP-SE-2** | 1 | 1 | 2 | 3 | 3 | 3 | 0 | 3 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 23 | | **SP-SE-3** | 2 | 3 | 2 | 3 | 3 | 3 | 0 | 3 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 25 | | **SP-SE-1** | 0 | 0 | 2 | 3 | 3 | 3 | 0 | 2 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 20 | | **SP-SE-2** | 1 | 1 | 2 | 3 | 3 | 3 | 0 | 2 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 22 | | **SP-SE-3** | 2 | 3 | 2 | 3 | 3 | 3 | 0 | 2 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 24 | ### C.6.3 Security assurance levels Loading Loading @@ -2340,9 +2340,9 @@ Security assurance levels are informed by but not determined by the risk factor | **SP-LA-1** | Personal laptop | 31 | HIGH | | **SP-LA-2** | Enterprise laptop | 31 | HIGH | | **SP-PS-1** | Personal server | 24 | MED | | **SP-SE-1** | Enterprise server in a datacenter with no user accounts | 21 | MED | | **SP-SE-2** | Enterprise server in a datacenter with only trusted user accounts | 23 | MED | | **SP-SE-3** | Enterprise server in a datacenter hosting many untrusted user accounts | 25 | MED | | **SP-SE-1** | Enterprise server in a datacenter with no user accounts | 20 | MED | | **SP-SE-2** | Enterprise server in a datacenter with only trusted user accounts | 22 | MED | | **SP-SE-3** | Enterprise server in a datacenter hosting many untrusted user accounts | 24 | MED | # Annex D (informative): Risk evaluation guidance Loading Loading
EN-304-626.md +9 −9 Original line number Diff line number Diff line Loading @@ -2279,9 +2279,9 @@ Mitigations for Likelihood: | **UC-LA-1** | 1 | 2 | 2 | 2 | 2 | 2 | 1 | 3 | 1 | 1 | 2 | 2 | 2 | 2 | 2 | 2 | 3 | 31 | | **UC-LA-2** | 1 | 2 | 2 | 2 | 3 | 3 | 1 | 3 | 1 | 1 | 2 | 2 | 2 | 2 | 1 | 1 | 3 | 31 | | **UC-PS-1** | 1 | 2 | 2 | 2 | 2 | 2 | 0 | 3 | 0 | 1 | 2 | 1 | 2 | 2 | 0 | 1 | 2 | 24 | | **UC-SE-1** | 0 | 0 | 2 | 3 | 3 | 3 | 0 | 3 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 21 | | **UC-SE-2** | 1 | 1 | 2 | 3 | 3 | 3 | 0 | 3 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 23 | | **UC-SE-3** | 2 | 3 | 2 | 3 | 3 | 3 | 0 | 3 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 25 | | **UC-SE-1** | 0 | 0 | 2 | 3 | 3 | 3 | 0 | 2 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 20 | | **UC-SE-2** | 1 | 1 | 2 | 3 | 3 | 3 | 0 | 2 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 22 | | **UC-SE-3** | 2 | 3 | 2 | 3 | 3 | 3 | 0 | 2 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 24 | ## C.6 Security profiles and security assurance levels Loading @@ -2308,9 +2308,9 @@ Security profiles are associated with sets of risk factor levels. Each security | **SP-LA-1** | 1 | 2 | 2 | 2 | 2 | 2 | 1 | 2 | 1 | 1 | 2 | 2 | 2 | 2 | 2 | 2 | 3 | 31 | | **SP-LA-2** | 1 | 2 | 2 | 2 | 3 | 3 | 1 | 2 | 1 | 1 | 2 | 2 | 2 | 2 | 1 | 1 | 3 | 31 | | **SP-PS-1** | 1 | 2 | 2 | 2 | 2 | 2 | 0 | 2 | 0 | 1 | 2 | 1 | 2 | 2 | 0 | 1 | 2 | 23 | | **SP-SE-1** | 0 | 0 | 2 | 3 | 3 | 3 | 0 | 3 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 21 | | **SP-SE-2** | 1 | 1 | 2 | 3 | 3 | 3 | 0 | 3 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 23 | | **SP-SE-3** | 2 | 3 | 2 | 3 | 3 | 3 | 0 | 3 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 25 | | **SP-SE-1** | 0 | 0 | 2 | 3 | 3 | 3 | 0 | 2 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 20 | | **SP-SE-2** | 1 | 1 | 2 | 3 | 3 | 3 | 0 | 2 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 22 | | **SP-SE-3** | 2 | 3 | 2 | 3 | 3 | 3 | 0 | 2 | 0 | 1 | 2 | 1 | 1 | 1 | 0 | 0 | 1 | 24 | ### C.6.3 Security assurance levels Loading Loading @@ -2340,9 +2340,9 @@ Security assurance levels are informed by but not determined by the risk factor | **SP-LA-1** | Personal laptop | 31 | HIGH | | **SP-LA-2** | Enterprise laptop | 31 | HIGH | | **SP-PS-1** | Personal server | 24 | MED | | **SP-SE-1** | Enterprise server in a datacenter with no user accounts | 21 | MED | | **SP-SE-2** | Enterprise server in a datacenter with only trusted user accounts | 23 | MED | | **SP-SE-3** | Enterprise server in a datacenter hosting many untrusted user accounts | 25 | MED | | **SP-SE-1** | Enterprise server in a datacenter with no user accounts | 20 | MED | | **SP-SE-2** | Enterprise server in a datacenter with only trusted user accounts | 22 | MED | | **SP-SE-3** | Enterprise server in a datacenter hosting many untrusted user accounts | 24 | MED | # Annex D (informative): Risk evaluation guidance Loading
