search

nmfta-repo / nmfta-telematics_security_requirements

Cybersecurity requirements for telematics systems developed in collaboration with motor freight carriers, telematics service providers and cybersecurity experts.
Other
4 stars 3 forks source link

fix reference to CTIA ICCTP #29

Closed jdaoust closed 3 years ago

jdaoust commented 3 years ago

The matrix references CTIA ICCTP multiple times (f.ex. CTIA ICCTP 4.7 Audit Log, and others). Meanwhile, the nmfta-telematics_security_requirements github references:

  1. CTIA Certification LLC. “IoT Cybersecurity Certification Test Plan.” (ITCCTP) Last modified May 2019. Accessed June 2019. https://api.ctia.org/wp-content/uploads/2019/05/ctia_IoT_cybersecurity_pmd_ver-1_1.pdf

In this reference, the acronym is different, but more importantly the provided link leads to another document called "IoT Cybersecurity Certification Program Management Document version 1.1 May 2019". This document does not contain certain sections that are referenced in the matrix, notably “4.7 Audit Log”.

CTIA has two possible files that have the correct sections:

Cybersecurity Certification Test Plan for IoT Devices, Version 1.2.2, January 2021, available at : https://ctiacertification.org/wp-content/uploads/2020/10/CTIA-Cybersecurity-Test-Plan-1.2.2.pdf

or,

Cybersecurity Certification Program for IoT Devices, Version 1.4, January 2021, available at: https://ctiacertification.org/device-certification-programs/#IoT-Cybersecurity-Certification

BenGardiner commented 3 years ago

at the 20210614 meeting it was decided to correct the reference text to match the test plan document