Fulfillment of the requirements (FR3)
Requirement
| SL 1 | Recommended compensatory measures at system level |
|---|---|---|
CR 3.1 – Communication integrity | –Communication is protected by a cyclic redundancy check (CRC). | |
CR 3.1 RE (1) – Authentication of communication | o | – |
EDR 3.2 – Protection against malicious codes | – | |
CR 3.3 – Verification of the IT security functionality | – | The system integrator must provide the operator with instructions for checking the required IT security measures. |
CR 3.3 RE (1) – Verification of IT security functionality during ongoing operation | o | – |
CR 3.4 – Software and information integrity | – | |
CR 3.4 RE (1) – Authenticity of the software and information | o | – |
CR 3.4 RE (2) – Automated notification of IT security violations | o | – |
CR 3.5 – Input validation | ✔ | – |
CR 3.6 – Predetermined output states | ✔Responses to errors such as network timeout or network overload are defined. | – |
CR 3.7 – Troubleshooting | ✔ | – |
CR 3.8 – Session integrity | o | – |
CR 3.9 – Protection of audit information | o | – |
CR 3.9 RE (1) – Event records on write-once storage media | o | – |
EDR 3.10 – Support for updates | ✔ | |
EDR 3.10 RE (1) – Authenticity and integrity of updates | o | – |
EDR 3.11 – Protection against and detection of physical tampering | o | – |
EDR 3.11 RE (1) – Notification of a tampering attempt | o | – |
EDR 3.12 – Provision of manufacturer trust anchors | o | –
|
EDR 3.13 – Provision of operator trust anchors | o | – |
EDR 3.14 – Integrity of boot processes | –Integrity is protected by a cyclic redundancy check (CRC). | |
EDR 3.14 RE (1) – Authenticity of the boot process | o | – |
