
Field Device Protection Profile - Security Objectives

The Security Objectives section of the Field Device Protection Profile is out in an email to PCSRF members. We also included a table that maps the Security Objectives to the Threats they mitigate. The table is probably the most interesting part of the document, and you do not need to be a Common Criteria guru to understand and comment on it.

A few Security Objective examples:

O.BoundaryChecking
The TOE shall identify and discard any communication that arrives at the TOE boundary that has parameters outside of the expected range.

O.Confidentiality
The TOE shall be capable of establishing a secure communication channel with devices outside of the TOE boundary. This secure communication channel shall protect the confidentiality of the information sent in the channel.

O.DataFlowControl
The TOE shall be capable of preventing communication from a single or small set of IP addresses from stopping proper processing of communication received from other authenticated and authorized users and devices.

O.DataIntegrity
The TOE shall identify if data sent from an authenticated user or device has been modified prior to arriving at the TOE boundary. Modified data shall be rejected.
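To make two of these objectives concrete, here is an added sketch (not part of the draft Protection Profile or of this post) of a receive path that applies O.DataIntegrity and then O.BoundaryChecking. The frame layout, the use of HMAC-SHA256 as the integrity mechanism, the key, and the per-point limits are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import struct

# Assumed frame layout (constructed for this example, not from the draft):
#   point_id: uint16 | value: int32 | tag: HMAC-SHA256 over the first 6 bytes
HEADER = struct.Struct(">Hi")
TAG_LEN = hashlib.sha256().digest_size

# Hypothetical engineering limits per point: point_id -> (min, max).
LIMITS = {1: (0, 1000), 2: (-40, 125)}


def build_frame(key: bytes, point_id: int, value: int) -> bytes:
    """Sender side: serialize the command and append the integrity tag."""
    body = HEADER.pack(point_id, value)
    return body + hmac.new(key, body, hashlib.sha256).digest()


def accept_frame(key: bytes, frame: bytes):
    """Return (point_id, value) if the frame passes both checks, else None."""
    if len(frame) != HEADER.size + TAG_LEN:
        return None  # malformed length: discard before parsing anything
    body, tag = frame[:HEADER.size], frame[HEADER.size:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    # O.DataIntegrity: reject data modified in transit (constant-time compare).
    if not hmac.compare_digest(tag, expected):
        return None
    point_id, value = HEADER.unpack(body)
    limits = LIMITS.get(point_id)
    # O.BoundaryChecking: an authentic frame is still discarded when its
    # parameters fall outside the expected range or name an unknown point.
    if limits is None or not (limits[0] <= value <= limits[1]):
        return None
    return point_id, value


if __name__ == "__main__":
    key = b"constructed-demo-key"  # placeholder key, constructed for the demo
    good = build_frame(key, 1, 500)
    tampered = good[:5] + bytes([good[5] ^ 0x01]) + good[6:]
    print(accept_frame(key, good))                        # accepted
    print(accept_frame(key, tampered))                    # integrity failure
    print(accept_frame(key, build_frame(key, 1, 5000)))   # out of range
```

Running the integrity check first means range logic only ever parses authenticated bytes, while the range check still catches a valid sender issuing an out-of-range command.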

If you want to see and comment on any of the drafts you need to join PCSRF. There is no cost to join. We have also set up a collaboration site where the drafts are being commented on and edited interactively by some of the more active members.

Background: The National Institute of Standards and Technology (NIST) engaged Digital Bond to write the draft Protection Profile for the next generation of secure field devices (PLCs, RTUs, IEDs). The draft is presented to the PCSRF members, who comment on it. We moderate the comment period, address the comments including integrating changes, and provide the final draft. The Field Device Protection Profile will be complete by April 30, 2006.
