UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

close
Already an Engineering360 user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your Engineering360 Experience

close
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ETSI - TS 102 165-1

CYBER; Methods and protocols; Part 1: Method and pro forma for Threat, Vulnerability, Risk Analysis (TVRA)

active, Most Current
Organization: ETSI
Publication Date: 1 October 2017
Status: active
Page Count: 66
scope:

The present document defines a method primarily for use by ETSI standards developers in undertaking an analysis of the threats, risks and vulnerabilities of an Information and Communications Technology (ICT) system.

NOTE: The method described has been tailored to apply to pre-production but can be applied to production devices with due attention given to possibility that the application of countermeasures may be unachievable for a re-design strategy.

The method described in the present document builds from the Common Criteria for security assurance and evaluation defined in ISO/IEC 15408 [i.27], [i.28], [i.29] and specifically targets the means to build a Threat Vulnerability and Risk Analysis (TVRA) to allow its reference by an ETSI specification developed using the guidelines given in ETSI EG 202 387 [i.1] and ETSI ES 202 382 [i.24]. The TVRA forms part of the documentation set for the Target Of Evaluation as specified in ETSI ES 202 382 [i.24] with its intended audience being a developer of standards based Protection Profiles.

The use of the method described in the present document for application outside the "Design for Assurance" paradigm described in ETSI EG 202 387 [i.1] is supported but some of the examples and stages of evaluation may not be appropriate.

Document History

TS 102 165-1
October 1, 2017
CYBER; Methods and protocols; Part 1: Method and pro forma for Threat, Vulnerability, Risk Analysis (TVRA)
The present document defines a method primarily for use by ETSI standards developers in undertaking an analysis of the threats, risks and vulnerabilities of an Information and Communications...
March 1, 2011
Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); Methods and protocols; Part 1: Method and proforma for Threat, Risk, Vulnerability Analysis
The present document defines a method for use by ETSI standards developers in undertaking an analysis of the threats, risks and vulnerabilities of a telecommunications system. The method builds from...
December 1, 2006
Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); Methods and protocols; Part 1: Method and proforma for Threat, Risk, Vulnerability Analysis
The present document defines a method for use by ETSI standards developers in undertaking an analysis of the threats, risks and vulnerabilities of a telecommunications system. The method builds from...
February 1, 2003
Telecommunications and Internet Protocol Harmonization Over Networks (TIPHON) Release 4; Protocol Framework Definition; Methods and Protocols for Security; Part 1: Threat Analysis
The present document defines by means of an information model, a functional entity behavioural model, and by validated SDL a model of the abstract behaviour of each service and service capability...

References

Advertisement