Fulfillment of the requirements (FR2)

Requirement	SL 1	Recommended compensatory measures at system level
CR 2.1 – Authorization enforcement	–	M1, M3
CR 2.1 RE (1) – Enforcement of authorization for all users (human users, software processes, and devices)	o	–
CR 2.1 RE (2) – Mapping permissions to roles	o	–
CR 2.1 RE (3) – Intervention by supervisory personnel	o	–
CR 2.1 RE (4) – Double consent	o	–
CR 2.2 – Wireless use control	o	–
CR 2.3 – Portable and mobile device use control	oThe product does not use a mobile code. There are no component-level requirements for IEC 62443-3-3 SR 2.3.	–
EDR 2.4 – Mobile code	oThe product does not use a mobile code.	–
EDR 2.4 RE (1) – Authenticity check of mobile codes	o	–
CR 2.5 – Session lock	–	M3
CR 2.6 – Remote session termination	o	–
CR 2.7 – Concurrent session control	o	–
CR 2.8 – Auditable events	–	Handle IT security event records at the system level. Required categories: Access control, faulty requests, events in the automation system, events during backup and restore, configuration changes, events visible in the event log Required information: Timestamp, source, category, type, event ID, result of the event
CR 2.9 – Audit storage capacity	–	Handle IT security event records at the system level.
CR 2.9 RE (1) – Warning when the storage capacity for event records is reached	o	–
CR 2.10 – Response to audit processing failures	–	Handle IT security event records at the system level.
CR 2.11 – Timestamp	–	Handle IT security event records at the system level.
CR 2.12 – Non-repudiation	–	M1, M3
CR 2.12 RE (1) – Non-repudiation for all users	o	–
EDR 2.13 – Use of physical diagnostic and test interfaces	o	–