|
173 | 173 | <threat name="T.AUDIO_REVERSED"> |
174 | 174 | <description>A malicious agent could re-purpose an authorized audio output peripheral device by converting it to a |
175 | 175 | low‐gain microphone to eavesdrop on the surrounding audio or transfer data across an air‐gap |
176 | | - through audio signaling.</description> |
177 | | - <addressed-by>FDP_APC_EXT.1 (Modified)</addressed-by><rationale>Mitigates this threat by |
178 | | - ensuring no data or electrical signals can flow between connections and only user-selected |
179 | | - interfaces can rout data.</rationale> |
| 176 | + through audio signaling.</description> |
180 | 177 | <addressed-by>FDP_AFL_EXT.1</addressed-by><rationale>Mitigates this threat by ensuring |
181 | 178 | outgoing audio signals are within the range of human hearing.</rationale> |
182 | 179 | <addressed-by>FDP_UDF_EXT.1/AO</addressed-by><rationale>Mitigates this threat by ensuring |
183 | 180 | output data transit unidirectionally between interfaces.</rationale> |
184 | 181 | </threat> |
185 | 182 |
|
186 | 183 | <threat name="T.DATA_LEAK"> |
187 | | - <from base="bpp-psd"/> |
188 | | - <addressed-by>FDP_APC_EXT.1 (Modified)</addressed-by><rationale>Mitigates this threat by |
189 | | - requiring restrictions on how data is routed between interfaces.</rationale> |
190 | | - <addressed-by>FDP_PDC_EXT.1 (Modified)</addressed-by><rationale>Mitigates this threat by |
191 | | - requiring connections to be only from an authorized list of peripheral devices.</rationale> |
| 184 | + <from base="bpp-psd"/> |
192 | 185 | <addressed-by>FDP_AFL_EXT.1</addressed-by><rationale>Mitigates this threat by ensuring |
193 | 186 | signals are filtered within the range of human hearing.</rationale> |
194 | 187 | <addressed-by>FDP_UDF_EXT.1/AO</addressed-by><rationale>Mitigates this threat by ensuring |
|
199 | 192 | <description>A malicious agent could use an unauthorized peripheral device such as a microphone, connected to |
200 | 193 | the TOE audio out peripheral device interface to eavesdrop or transfer data across an air‐gap through |
201 | 194 | audio signaling.</description> |
202 | | - |
203 | | - <addressed-by>FDP_APC_EXT.1 (Modified)</addressed-by><rationale>Mitigates this threat by |
204 | | - preventing data and electrical signals from flowing between connections.</rationale> |
205 | 195 | <addressed-by>FDP_AFL_EXT.1</addressed-by><rationale>Mitigates this threat by ensuring |
206 | 196 | outgoing signals are filtered to within the range of human hearing.</rationale> |
207 | 197 | <addressed-by>FDP_PDC_EXT.2/AO</addressed-by><rationale>Mitigates this threat by only |
|
214 | 204 |
|
215 | 205 | <threat name="T.SIGNAL_LEAK"> |
216 | 206 | <from base="bpp-psd"/> |
217 | | - <addressed-by>FDP_APC_EXT.1 (Modified)</addressed-by><rationale>Mitigates this threat by |
218 | | - requiring restrictions on how signals are routed between interfaces.</rationale> |
219 | | - <addressed-by>FDP_PDC_EXT.1 (Modified)</addressed-by><rationale>Mitigates this threat by |
220 | | - requiring connections to be only from an authorized list of peripheral devices.</rationale> |
221 | 207 | <addressed-by>FDP_AFL_EXT.1</addressed-by><rationale>Mitigates this threat by ensuring |
222 | 208 | signals are filtered within the range of human hearing.</rationale> |
223 | 209 | <addressed-by>FDP_UDF_EXT.1/AO</addressed-by><rationale>Mitigates this threat by ensuring |
224 | 210 | signals transit unidirectionally between interfaces.</rationale> |
225 | 211 | </threat> |
226 | 212 |
|
227 | 213 | <threat name="T.UNAUTHORIZED_DEVICES"> |
228 | | - <from base="bpp-psd"/> |
229 | | - <addressed-by>FDP_APC_EXT.1 (Modified)</addressed-by><rationale>Mitigates this threat by |
230 | | - requiring restrictions on how signals are routed between interfaces.</rationale> |
231 | | - <addressed-by>FDP_PDC_EXT.1 (Modified)</addressed-by><rationale>Mitigates this threat by |
232 | | - requiring connections to be only from an authorized list of peripheral devices.</rationale> |
| 214 | + <from base="bpp-psd"/> |
233 | 215 | <addressed-by>FDP_PUD_EXT.1</addressed-by><rationale>Mitigates this threat by not |
234 | 216 | allowing power to be connected to any unauthorized device.</rationale> |
235 | 217 | </threat> |
|
0 commit comments