Are you REDy?

ICS2IXIT for RED compliance

Provision	Status	Associated IXITs
5.0 Reporting Implementation
5.0	M	(none)
5.1 No universal default passwords
5.1-1	M F (a)	IXIT 1-AuthMech: ID, Description, Authentication Factor, Password Generation Mechanism
5.1-2	M F (b)	IXIT 1-AuthMech: ID, Description, Authentication Factor, Password Generation Mechanism
5.1-2A	R	IXIT 1-AuthMech: ID, Description, Authentication Factor
5.1-3	M F (c)	IXIT 1-AuthMech: ID, Description, Security Guarantees, Cryptographic Details
5.1-4	M F (d)	IXIT 1-AuthMech: ID, Description IXIT 2-UserInfo: Documentation of Change Mechanisms
5.1-5	M C F (14, e)	IXIT 1-AuthMech: ID, Description, Brute Force Prevention
5.2 Implement a means to manage reports of vulnerabilities
5.2-1	M	IXIT 2-UserInfo: Publication of Vulnerability Disclosure Policy
5.2-2	R	IXIT 2-UserInfo: Publication of Vulnerability Disclosure Policy IXIT 3-VulnTypes: ID, Description, Action, Time Frame IXIT 4-Conf: Confirmation of Vulnerability Actions
5.2-3	R	IXIT 4-Conf: Confirmation of Vulnerability Monitoring IXIT 5-VulnMon: ID, Description
5.3 Keep software updated
5.3-1	R F (f)	IXIT 6-SoftComp: ID, Description, Update Mechanism IXIT 7-UpdMech: ID, Description, Security Guarantees, Cryptographic Details, Initiation and Interaction
5.3-2	M C (15)	IXIT 7-UpdMech: ID, Description, Security Guarantees, Cryptographic Details, Initiation and Interaction
5.3-3	M F (g)	IXIT 6-SoftComp: ID, Description, Update Mechanism IXIT 7-UpdMech: ID, Description, Initiation and Interaction
5.3-4A	R F (g)	IXIT 6-SoftComp: ID, Description, Configuration
5.3-4B	R F (g)	IXIT 6-SoftComp: ID, Description, Configuration IXIT 26-UserDec: ID, Description
5.3-5	R F (g)	IXIT 7-UpdMech: ID, Description, Update Checking
5.3-6A	R F (h)	IXIT 7-UpdMech: ID, Description, Initiation and Interaction, Configuration
5.3-6B	R F (i)	IXIT 7-UpdMech: ID, Description, Configuration, User Notification
5.3-7	M F (g)	IXIT 7-UpdMech: ID, Description, Security Guarantees, Cryptographic Details
5.3-8	M C (12)	IXIT 4-Conf: Confirmation of Update Procedures IXIT 8-UpdProc: ID, Description, Time Frame
5.3-9	R F (g)	IXIT 7-UpdMech: ID, Description, Security Guarantees, Cryptographic Details
5.3-10	M F (j)	IXIT 7-UpdMech: ID, Description, Security Guarantees
5.3-11	R C (12)	IXIT 7-UpdMech: ID, Description, User Notification, Update Checking
5.3-12	R C (12)	IXIT 7-UpdMech: ID, Description, User Notification
5.3-13	M	IXIT 2-UserInfo: Support Period, Publication of Support Period
5.3-14	R C (3)	IXIT 2-UserInfo: Documentation of Replacement, Publication of Non-Updatable
5.3-15A	R C (3)	IXIT 9-ReplSup: Isolation
5.3-15B	R C (3)	IXIT 9-ReplSup: Hardware Replacement
5.3-16	M	IXIT 2-UserInfo: Model Designation
5.4 Securely store sensitive security parameters
5.4-1	M F (k)	IXIT 10-SecParam: ID, Description, Type, Security Guarantees, Protection Scheme
5.4-2	M F (l)	IXIT 10-SecParam: ID, Description, Type, Security Guarantees, Protection Scheme
5.4-3	M	IXIT 10-SecParam: ID, Description, Type, Provisioning Mechanism
5.4-4	M F (m)	IXIT 10-SecParam: ID, Description, Type, Generation Mechanism
5.5 Communicate securely
5.5-1	M	IXIT 11-SecComMech: ID, Description, Security Guarantees, Cryptographic Details
5.5-2	R	IXIT 12-NetSecImpl: ID, Description, Review/Evaluation Method, Report
5.5-3	R	IXIT 6-SoftComp: ID, Description, Update Mechanism, Cryptographic Usage
5.5-4	R C (16)	IXIT 1-AuthMech: ID, Description, Security Guarantees, Cryptographic Details IXIT 13-SoftServ: ID, Description, Authentication Mechanism
5.5-5	M F (n)	IXIT 1-AuthMech: ID, Description, Security Guarantees, Cryptographic Details IXIT 13-SoftServ: ID, Description, Allows Configuration, Authentication Mechanism
5.5-6	R F (o)	IXIT 10-SecParam: ID, Description, Type, Communication Mechanisms IXIT 11-SecComMech: ID, Description, Security Guarantees, Cryptographic Details
5.5-7	M F (o)	IXIT 10-SecParam: ID, Description, Type, Secure Communication Mechanisms IXIT 11-SecComMech: ID, Description, Security Guarantees, Cryptographic Details
5.5-8	M C (16)	IXIT 4-Conf: Confirmation of Secure Management IXIT 14-SecMgmt: ID, Description
5.6 Minimize exposed attack surfaces
5.6-1	M F (p)	IXIT 15-PhyIntf: ID, Description, Type, Status IXIT 15-PhyIntf: ID, Description, Access, Status
5.6-2	M	IXIT 28-LogIntf: ID, Description, Access, Disclosed Information
5.6-3	R	IXIT 15-PhyIntf: ID, Description, Status, Protection
5.6-4A	M F (q)	IXIT 15-PhyIntf: ID, Description, Status, Debug Interface, Protection
5.6-4B	R F (r)	IXIT 15-PhyIntf: ID, Description, Type, Debug Interface, Protection
5.6-5	R	IXIT 13-SoftServ: ID, Description, Status, Justification
5.6-6	R	IXIT 16-CodeMin: ID, Description
5.6-7	R	IXIT 17-PrivlCtrl: ID, Description
5.6-8	R	IXIT 18-AccCtrl: ID, Description
5.6-9	R	IXIT 4-Conf: Confirmation of Secure Development IXIT 19-SecDev: ID, Description
5.7 Ensure software integrity
5.7-1	R	IXIT 20-SecBoot: ID, Description, Security Guarantees, Detection Mechanisms
5.7-2	R F (s)	IXIT 20-SecBoot: ID, Description, User Notification, Notification Functionality
5.8 Ensure that personal data is secure
5.8-1	R F (t)	IXIT 11-SecComMech: ID, Description, Security Guarantees, Cryptographic Details IXIT 21-PersData: ID, Description, Communication Mechanisms
5.8-2	M F (u)	IXIT 11-SecComMech: ID, Description, Security Guarantees, Cryptographic Details IXIT 21-PersData: ID, Description, Processing Activities, Secure Communication Mechanisms, Sensitive
5.8-3	M F (v)	IXIT 2-UserInfo: Documentation of Sensors IXIT 22-ExtSens: ID, Description
5.9 Make systems resilient to outages
5.9-1	R	IXIT 23-ResMech: ID, Description, Security Guarantees
5.9-2	R	IXIT 23-ResMech: ID, Description, Type
5.9-3	R	IXIT 28-LogIntf: ID, Description, Access
5.10 Examine system telemetry data
5.10-1	R F (w)	IXIT 24-TelData: ID, Description, Security Examination
5.11 Make it easy for users to delete user data
5.11-1	M	IXIT 25-DelFunc: ID, Description, Target Type, Initiation and Interaction
5.11-2	R F (x)	IXIT 21-PersData: ID, Description, Processing Activities IXIT 25-DelFunc: ID, Description, Target Type, Initiation and Interaction
5.11-3	R	IXIT 2-UserInfo: Documentation of Deletion IXIT 21-PersData: ID, Description, Processing Activities IXIT 25-DelFunc: ID, Description, Target Type
5.11-4	R	IXIT 2-UserInfo: Documentation of Deletion IXIT 25-DelFunc: ID, Description, Confirmation
5.12 Make installation and maintenance of devices easy
5.12-1	R	IXIT 26-UserDec: ID, Description, Options, Triggered By
5.12-2	R	IXIT 2-UserInfo: Documentation of Secure Setup IXIT 26-UserDec: ID, Description, Options
5.12-3	R	IXIT 2-UserInfo: Documentation of Setup Check, Documentation of Maintenance Check
5.13 Validate input data
5.13-1A	M	IXIT 27-UserIntf: ID, Description, Type IXIT 29-InpVal: ID, Description, Source
5.13-1B	M	IXIT 28-LogIntf: ID, Description, Access IXIT 29-InpVal: ID, Description, Source
6 Data protection provisions for consumer IoT
6-1	M	IXIT 21-PersData: ID, Description, Purpose, Authorized Parties, Lifecycle
6-2	M F (y)	IXIT 21-PersData: ID, Description, Obtaining Consent
6-3A	M F (y)	IXIT 21-PersData: ID, Description, Obtaining Consent, Withdrawing Consent
6-3B	M F (y)	IXIT 21-PersData: ID, Description, Obtaining Consent, Storing Consent
6-4	R F (w)	IXIT 21-PersData: ID, Description IXIT 24-TelData: ID, Description, Purpose, Personal Data
6-5	M F (w)	IXIT 2-UserInfo: Documentation of Telemetry Data IXIT 24-TelData: ID, Description, Purpose
6-6	M F (z)	IXIT 21-PersData: ID, Description, Purpose, Lifecycle, Processing Activities
6-7	M F (aa)	IXIT 21-PersData: ID, Description, Processing Activities, Aggregation
6-8	M F (z)	IXIT 21-PersData: ID, Description, Anonymization

List of consolidated IXITs

cetome ICS2IXT

Import ICS

Are you REDy?

List of consolidated IXITs