[cPP CHANGE] No.104 3. Security Problem Definition is older then latest SPD

[fumisano]

What is the change request for the cPP? Please describe. (HCD_cPP_DRAFT_v0.9_2021-08-16.pdf ) This is the same as Master Comments-Matrix(cPP Review) No.104 (Github Issue #170 ). The Section "3. Security Problem Definition" is older than latest SPD.

1) Following five sections are missing in draft. 3.3.5. Week Cryptography 3.5.8. Root of Trust 4.1.14. Authentication Failures 4.1.15. Firmware Integrity 4.1.16. Strong Cryptography

2) Software should be replaced with firmware/software In SPD, the term "software/firmware" is used, but "software" is used in section 3 of draft cPP. They should be replaced with firmware/software to consistent with other parts of HCD cPP.

Describe the solution you'd like Latest SPD (HCD_SPD_DRAFT_v0.4_2021-05-09.pdf) should be inserted into HCD cPP, and the term "software/firmware" would be replaced with "firmware/software". See attached file how to update the section. cPP_Partial.docx

Describe alternatives you've considered none

Additional context none

[fumisano]

Update the solution.

[kwangwoo-lee]

@fumisano Thanks for your valuable comment, HCD Editors group will review it shortly.