The next draft section of the Protection Profile is out, and this is the first section where there is some meat for the community to chew on. The TOE Security Environment section addresses the assumptions, threats and organization policies for the Protection Profile. The most important are the threats because these will drive the next section, Objectives, and the following section, Security Funcitional Requirements.

Each threat is enumerated and described. Here is an example:

T.MalformedData

An attacker may attempt to compromise the availability or integrity of a TOE by sending malformed data to the TOE. Malformed data is data that does not comply with the expected protocol. It could be values outside of the permitted range, random modifications of the protocol, or data generated using protocol fuzzing tools.

TOE means Target of Evaluation and is basically the field device that will certified to meet the Protection Profile.

If you want to see and comment on any of the drafts you need to join PCSRF. There is no cost to join. We have also set up a collaboration site where the drafts are being commented on and edited interactively by some of the more active members.

Background: The National Institute of Standards and Technology (NIST) engaged Digital Bond to write the draft Protection Profile for the next generation of secure field devices (PLC’s, RTU’s, IED’s). The draft is presented to the PCSRF members who comment on the draft. We moderate the comment period, address the comments including integrating changes, and provide the final draft. The Field Device Protection Profile will be complete by April 30, 2006.