Table of Contents

Foreword
Introduction
1 Scope
2 References
3 Abbreviations
4 General Methodology
  4.1 Working procedure within ETSI
  4.2 Simplifications and models
  4.3 Explanation of terminology
  4.4 Methodology flow chart
5 Security objectives definition
  5.1 Identification of the system's nature
  5.2 Identification of individual security objectives
6 System review
7 Threat analysis
  7.1 Identification of system-specific threats
  7.2 Identification of threats based on external requirements
  7.3 Guidelines to the identification of data protection threats
  7.4 Guidelines to the identification of threats related to
      inter-network communication
  7.5 Guidelines to the identification of threats to system
      integrity
  7.6 Guidelines to the identification of threats due to
      security policies
8 Risk assessment
  8.1 Evaluation of threats and definition of risks
  8.2 Determine threshold for major threats respectively risks
  8.3 Evaluation of the global risk, risk assessment report
  8.4 TC/STC management decision
  8.5 Setting up the final risk assessment report
9 Security requirements
Annex A: List of work items referred to in this ETR
History

Abstract

Gives guidance and support for a comprehensive analysis of threats, vulnerabilities, risks and for the compilation of a specific set of security requirements.

General Product Information

Published
Document Type	Standard
Status	Current
Publisher	European Telecommunications Standards Institute
Pages
ISBN
Committee	NA