nmfta-repo / nmfta-telematics_security_requirements

Cybersecurity requirements for telematics systems developed in collaboration with motor freight carriers, telematics service providers and cybersecurity experts.

correct format for xrefs to FMCSA document #24

Closed jdaoust closed 3 years ago

jdaoust commented 3 years ago

All non-homogeneity in the format of external references to the FMCSA document (“Cybersecurity Best Practices for Integration/Retrofit of Telematics and Aftermarket Electronic Systems into Heavy Vehicles May 2020”) was removed by changing the previous formats (FMCSA GDL # … or [GDL #] ...) to a common one (FMCSA GDL # ...).

This version of the matrix builds upon the one containing the changes suggested in Pull Request #23.

Here is a text-diff of the changes to the XLS:


diff --git a/PRE-UPDATE_TCRM.csv b/POST-UPDATE_TCRM.csv
index 91438fa..5987868 100755
--- a/PRE-UPDATE_TCRM.csv
+++ b/POST-UPDATE_TCRM.csv
@@ -85,11 +85,11 @@ Connectivity/Communications;",AC-060,Access Control,"For all components of the s
 a. Establish configuration requirements, connection requirements, and implementation guidance for each type of wireless access; and
 b. Authorize each type of wireless access to the system prior to allowing such connections.","Inspection of vendor-supplied documentation detailing what wireless communications hardware is present, which wireless communications methods can be disabled, and how wireless communications enablement or disablement is managed.",Medium,"e.g. Bluetooth, cellular, satellite, Wi-Fi hotspot, Wi-Fi client, infrared, NFC, RFID","AC-060 (Access Control) - For all components of the system, the vendor shall provide a listing of all wireless communication interfaces to the system and specify how the interfaces can be configured and/or disabled.",No,Yes,Yes,No
 "Physical In-Cab Device;
-Connectivity/Communications;",AC-061,Access Control,"The vendor shall not use any deprecated encryption+authentication on any WiFi interface of the device. At the time of drafting this includes WEP, WPS or open/none.","[GDL 39] Only use WPA2 authentication / encryption. Never use WEP, WPS, or “open” Wi-Fi.","Test that the device will not connect to WEP, WPS or open Wi-Fi hotspots.",Medium,,"AC-061 (Access Control) - The vendor shall not use any deprecated encryption+authentication on any WiFi interface of the device. At the time of drafting this includes WEP, WPS or open/none.",No,Yes,Yes,No
+Connectivity/Communications;",AC-061,Access Control,"The vendor shall not use any deprecated encryption+authentication on any WiFi interface of the device. At the time of drafting this includes WEP, WPS or open/none.","FMCSA GDL 39 Only use WPA2 authentication / encryption. Never use WEP, WPS, or “open” Wi-Fi.","Test that the device will not connect to WEP, WPS or open Wi-Fi hotspots.",Medium,,"AC-061 (Access Control) - The vendor shall not use any deprecated encryption+authentication on any WiFi interface of the device. At the time of drafting this includes WEP, WPS or open/none.",No,Yes,Yes,No
 "Physical In-Cab Device;
-Connectivity/Communications;",AC-062,Access Control,"The vendor shall implement, for all bluetooth interfaces,  pairing that must be specifically allowed by physical controls on the device and be time-limited. Furthermore, pairing will not use legacy pairing or passkey entry.","[GDL 44] Make sure Bluetooth devices support and use Secure Simple Pairing (SSP) rather than legacy pairing.
+Connectivity/Communications;",AC-062,Access Control,"The vendor shall implement, for all bluetooth interfaces,  pairing that must be specifically allowed by physical controls on the device and be time-limited. Furthermore, pairing will not use legacy pairing or passkey entry.","FMCSA GDL 44 Make sure Bluetooth devices support and use Secure Simple Pairing (SSP) rather than legacy pairing.

-[GDL 45] Numeric Comparison is preferred to Passkey Entry for pairing.","Test that it is not possible to pair with the device 5 minutes after enabling pairing on the device. Test that pairing does not support SSP or passkey, only numeric comparison.",Medium,,"AC-062 (Access Control) - The vendor shall implement, for all bluetooth interfaces,  pairing that must be specifically allowed by physical controls on the device and be time-limited. Furthermore, pairing will not use legacy pairing or passkey entry.",No,Yes,Yes,No
+FMCSA GDL 45 Numeric Comparison is preferred to Passkey Entry for pairing.","Test that it is not possible to pair with the device 5 minutes after enabling pairing on the device. Test that pairing does not support SSP or passkey, only numeric comparison.",Medium,,"AC-062 (Access Control) - The vendor shall implement, for all bluetooth interfaces,  pairing that must be specifically allowed by physical controls on the device and be time-limited. Furthermore, pairing will not use legacy pairing or passkey entry.",No,Yes,Yes,No
 "Physical In-Cab Device;
 Connectivity/Communications;",AC-063,Access Control,Any and all software or firmware implementing wirelss interface encrytion+authentication (those satisfying AC-061 and AC-062 above) will be prepared for future deprecation of methods. i.e. That software/firmware is upgradable.,,Inspection of vendor-supplied documentation confirming upgradability of the software implementing encryption+authentication of wireless interfaces.,Medium,,AC-063 (Access Control) - Any and all software or firmware implementing wirelss interface encrytion+authentication (those satisfying AC-061 and AC-062 above) will be prepared for future deprecation of methods. i.e. That software/firmware is upgradable.,No,Yes,Yes,No
 Cloud or Back-end;,AC-070,Identification and Authentication,Authentication attempts to the vendor’s devices and backends shall be rate-limited to an industry accepted rate.,"NIST 800-53 r5 AC-7 - UNSUCCESSFUL LOGON ATTEMPTS 
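
Review bot: In the AC-062 row, the verification text carried on the changed line reads "Test that pairing does not support SSP or passkey, only numeric comparison", which conflicts with FMCSA GDL 44 in the same row (support and use Secure Simple Pairing) and with the requirement text (no legacy pairing or passkey entry). Numeric Comparison is itself an SSP association model, so the test as worded cannot pass. Since the row is being edited anyway, suggest "does not support legacy pairing or passkey entry, only numeric comparison". The AC-063 context row also still carries "wirelss" and "encrytion" in both its requirement and summary cells.
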
@@ -571,9 +571,9 @@ Certificate pinning shall be implemented on all telematics device to server comm
 "Mobile App;
 Connectivity/Communications;
 Cloud or Back-end;
-",SCP-091,System and Communication Protocols,The vendor shall implement checks for expired certificates and ensure the ability to remove trust in any given root certificate authority from their systems and devices PKI implementations.,"[GDL 51] Check whether keys have expired or been revoked.
+",SCP-091,System and Communication Protocols,The vendor shall implement checks for expired certificates and ensure the ability to remove trust in any given root certificate authority from their systems and devices PKI implementations.,"FMCSA GDL 51 Check whether keys have expired or been revoked.

-[GDL 52] Ensure the ability to remove a Root CA’s certificate.","Test that root certificate trust can be removed. This should result in failure to establish communications or a failure to validate updates, depending on which system is being tested.",Medium,,SCP-091 (System and Communication Protocols) - The vendor shall implement checks for expired certificates and ensure the ability to remove trust in any given root certificate authority from their systems and devices PKI implementations.,Yes,No,Yes,Yes
+FMCSA GDL 52 Ensure the ability to remove a Root CA’s certificate.","Test that root certificate trust can be removed. This should result in failure to establish communications or a failure to validate updates, depending on which system is being tested.",Medium,,SCP-091 (System and Communication Protocols) - The vendor shall implement checks for expired certificates and ensure the ability to remove trust in any given root certificate authority from their systems and devices PKI implementations.,Yes,No,Yes,Yes
 "Vehicle Connection;
 ",SCP-100,System and Communication Protocols,The vendor's system shall separate execution domains and/or processes (i.e. process isolation within both the telematics device and back-end system and between the serial communications in the telematics device and the interface to the vehicle network),"NIST 800-53 r5 SC-39 - PROCESS ISOLATION 
 Maintain a separate execution domain for each executing system process.
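
Review bot: In the SCP-091 row, the reference cell cites FMCSA GDL 51 (check whether keys have expired or been revoked), but the verification cell only tests removal of root certificate trust, and the requirement text covers expired certificates without mentioning revocation. Suggest adding a test that an expired certificate is rejected, and either adding revocation to the requirement or stating that it is out of scope for this row.
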
@@ -743,7 +743,7 @@ FMCSA GDL 22 Leverage security controls built in to the operating system","Inspe
 Vehicle Connection;
 Connectivity/Communications;
 Cloud or Back-end;
-",SII-071,Protecting Firmware on Devices,"The vendor shall use the techniques of sanitizing/filtering inputs, segmenting memory spaces of input parsers from other execution and/or using provably correct or memory safe languages for input processing.","[GDL 26] Filter input to any device or interface that gets digitally processed.
+",SII-071,Protecting Firmware on Devices,"The vendor shall use the techniques of sanitizing/filtering inputs, segmenting memory spaces of input parsers from other execution and/or using provably correct or memory safe languages for input processing.","FMCSA GDL 26 Filter input to any device or interface that gets digitally processed.
 ",Inspection of vendor documentation detailing the filtering performed on inputs to the software.,Medium,,"SII-071 (Protecting Firmware on Devices) - The vendor shall use the techniques of sanitizing/filtering inputs, segmenting memory spaces of input parsers from other execution and/or using provably correct or memory safe languages for input processing.",Yes,Yes,Yes,Yes
 "Mobile App;
 Vehicle Connection;
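
Review bot: In the SII-071 row, the reference cell still ends with a line break before its closing quote (the following line begins with the closing quote and "Inspection of vendor documentation"), so the normalized "FMCSA GDL 26 ..." entry keeps a trailing newline inside the field. As this change is about making the xref format uniform, suggest trimming that trailing line break here and checking the other FMCSA GDL cells for the same.
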
BenGardiner commented 3 years ago

At the 20210614 meeting these changes were reviewed and approved. Thank you, @jdaoust 👍