Standard

ETSI TS 102 165-1

Revised

Note: This standard has a new edition: ETSI TS 102 165-1

Singles purchase not accessible

This standard can not be purchased as a single sales.

Abstract

The present document defines a method for use by ETSI standards developers in undertaking an analysis of the threats, risks and vulnerabilities of a telecommunications system. The method builds from the Common Criteria for security assurance and evaluation defined in ISO/IEC 15408 [9] and specifically targets the means to build a Threat Vulnerability and Risk Analysis (TVRA) to allow its reference by an ETSI specification developed using the guidelines given in EG 202 387 [i.1] and ES 202 382 [2]. The TVRA forms part of the documentation set for the Target Of Evaluation as specified in ES 202 382 [2] with its intended audience being a developer of standards based Protection Profiles. The Unified Modelling Language (UML) is used to model relationships within systems for analysis within the TVRA as a semi-formal tool with verification and simulation capabilities deployed during development. NOTE: This is in accordance with the goals of the eEurope project under objective Good practices (COM(2002) 263 page 18) [i.8]. The present document provides a database definition for TVRA and provides, in annexes, the application of the TVRA method to a number of NGN subsystems or components. The database definition is appended to the present document as a text file containing Structured Query Language (SQL) database definition commands.

Document information

  • Standard from ETSI_AC
  • Published:
  • Version: 0
  • Document type: IS
  • Additional information
  • V4.2.3; Includes Diskette