etsi-303645.rst - OpenGrok cross reference for /Zephyr-latest/doc/security/standards/etsi-303645.rst

Lines Matching full:security
7 **ETSI EN 303 645**, also known as "Cyber Security for Consumer Internet
59     * - critical security parameter
60       - security-related secret information whose disclosure or modification can compromise
61         the security of a security module.
70         manufacturer will provide security updates.
115     * - public security parameter
116       - security related public information whose modification can compromise the security of a
117         security module.
122     * - security module
123       - set of hardware, software, and/or firmware that implements security functions.
125     * - security update
126       - software update that addresses security vulnerabilities either discovered by or reported
129     * - sensitive security parameters
130       - critical security parameters and public security parameters.
257       - Manufacturers should continually monitor for, identify and rectify security
296         security updates are available.
305         can enable, disable, or postpone installation of security updates and/or
320       - Security updates shall be timely.
344         that a security update is required together with information on the risks
394       - Sensitive security parameters in persistent storage shall be stored securely by the device.
401       - Where a hard-coded unique per device identity is used in a device for security purposes,
410       - Hard-coded critical security parameters in device software source code shall not be used.
417       - Any critical security parameters used for integrity and authenticity checks of software
435         network and security functionalities, particularly in the field of cryptography.
457       - Device functionality that allows security-relevant changes in configuration via a
467       - Critical security parameters should be encrypted in transit, with such encryption
475       - The consumer IoT device shall protect the confidentiality of critical security
483       - The manufacturer shall follow secure management processes for critical security
499         unauthenticated disclosure of security-relevant information.
535       - Software should run with least necessary privileges, taking account of both security
539       - :ref:`Security Overview <security-overview>`
554 …   - :ref:`Security Overview  <security-overview>` and :ref:`Coding guidelines <coding_guidelines>`
562         Also see :ref:`Security Overview  <west-sign>`.
627         and measurement data, it should be examined for security anomalies.
666         user and should follow security best practice on usability.