...
| Your Answer-Please Describe | SECCOM Feedback / Recommendations |
|---|---|
None availanleavailable CPS don’t have security requirements apart from the authentication on our rest API wherein username and passwords are configurable |
...
| Your Answer-Please Explain | SECCOM Feedback / Recommendations |
|---|---|
Our application expects (any) client to upload models and data to be stored. These models and data are validated via OpenDayLight Yang parser. These are only stored once the parser accepts that it is valid and returns an exception for invalid models and data. Additionally, inputs to all REST endpoints are validated, e.g. CM handle IDs, CPS paths, timestamps |
Hardening
Does your project apply hardening mechanisms so that software defects are less likely to result in security vulnerabilities?
...