Protection Profiles Specifications

It aims to evaluate existing standards and frameworks related to protection profiles. This includes the Common Criteria (CC, ISO/IEC 15408) and EAL standards, existing projects such as D-MILS, TAPPS and other related projects like MILS-PP, as well as security concepts of related technical areas in the scope of cyber-physical systems. It will include the description of: • The operational environment (combination of threats, assumptions and policies that the components need to enforce) based on the operational scenario identified in WP2 and risk assessments in WP3 as well as identified threats in WP4 • Security objectives for the systems and the operational environment will be derived based on mitigation strategies and countermeasures identified in WP5 • Security functional requirements (SFRs) and security assurance requirements (SARs) will describe security functionality that need to be provided by specific system and evaluation activities to be performed to ensure that security mechanisms in these systems are sufficient and implemented correctly. The protection profiles developed in Task 6.2 will be compared to the security functionality provided by the operational railway system (Task 2.3).