nmfta-repo / nmfta-telematics_security_requirements

Cybersecurity requirements for telematics systems developed in collaboration with motor freight carriers, telematics service providers and cybersecurity experts.
Other
4 stars 3 forks source link

updates to the matrix based on the FMCSA guidelines in the recent report #8

Closed BenGardiner closed 4 years ago

BenGardiner commented 4 years ago

The FMCSA has completed a report, 'Cybersecurity Best Practices for Integration/Retrofit of Telematics and Aftermarket Electronic Systems into Heavy Vehicles' and it is being published imminently. The report offers best practice guidelines labelled by 'GDL NN.' We received a copy from the program manager and reviewed it. There is some overlap between the requirements put together by this working group and those in the FMCSA report.

There is also some content 'missing' in both the report and matrix with respect to the other. In this pull request we 1) add FMCSA GDL references to the 'external ref' column of the matrix where the guidelines overlap with the requirements put together by this working group and 2) add new requirements to the matrix in reference to the FMCSA guidelines where the current set of requirements had a gap. There are also some formatting changes accumulated since the release of v1.2.

I have attached a stylized word-diff of the matrix sheet in an zipped HTML file. This is one of the only ways I know of to review detailed differences in excel sheets. Deletions are marked in red, additions are marked in green:

ready-diff.zip

BenGardiner commented 4 years ago

update: the 'Cybersecurity Best Practices for [...] Heavy Vehicles' report is now available in the National Transportation Library. It became available sometime between yesterday at 4PM EST and now. You can download a copy from here https://rosap.ntl.bts.gov/gsearch?collection=&terms=cyber&x=0&y=0

BenGardiner commented 4 years ago

The changes in this pull request were reviewed in a meeting of the RFPCTL working group on May 20th 2020. The following changes were made during this review and were committed above in commit https://github.com/nmfta-repo/nmfta-telematics_security_requirements/pull/8/commits/60927116fbd836c4407fdd4894435b2d17ce1cbe :