Description
Object composed by the assets that are on a classical architecture of an IoT
Owning organization
Validating JSON schema
Library objects (provided by MONARC)
Creator
None (account deleted).
License
Creative Commons Zero v1.0 Universal
Related objects
Definition of the object
{
"object": {
"asset": {
"amvs": [],
"asset": {
"code": "CONT",
"description": "Asset container",
"label": "Container",
"language": "EN",
"type": "Primary",
"uuid": "d2023c8f-44d1-11e9-a78c-0800277f0571",
"version": 0
},
"measures": [],
"threats": [],
"vuls": []
},
"children": [
{
"asset": {
"amvs": [
{
"asset": "4447ebac-6831-4617-a653-4aedfe235faf",
"threat": "b402d5f5-4576-11e9-9173-0800277f0571",
"uuid": "26c8f378-14a7-4dda-885e-4e371ce0ed99",
"vulnerability": "69fc01e7-4591-11e9-9173-0800277f0571"
}
],
"asset": {
"code": "OV_IOT_ACTUATORS",
"description": "",
"label": "IoT - Actuators",
"language": "EN",
"type": "Secondary",
"uuid": "4447ebac-6831-4617-a653-4aedfe235faf",
"version": 0
},
"measures": [],
"threats": [
{
"a": false,
"c": false,
"code": "MDA18",
"description": "Receiving false data or unsuitable equipment from outside sources and using them in the organisation.",
"i": true,
"label": "Data from untrustworthy sources",
"language": "EN",
"theme": "Compromise of information",
"uuid": "b402d5f5-4576-11e9-9173-0800277f0571"
}
],
"vuls": [
{
"code": "1094",
"description": "",
"label": "The system allows information to be sent and received without authentication of the senders or recipients",
"language": "EN",
"mode": 0,
"uuid": "69fc01e7-4591-11e9-9173-0800277f0571"
}
]
},
"children": [],
"object": {
"label": "Actuator",
"language": "EN",
"name": "Actuator",
"scope": "local",
"uuid": "5581f4e4-75ea-4fe0-ac43-a4d8311ab6bf",
"version": 0
},
"rolfRisks": [],
"rolfTags": []
},
{
"asset": {
"amvs": [
{
"asset": "fcea8308-cdd4-4207-a324-ed3f2c6800ff",
"threat": "b402d5af-4576-11e9-9173-0800277f0571",
"uuid": "d1140297-6b68-4ccf-9716-665c0b3d4306",
"vulnerability": "69fc0555-4591-11e9-9173-0800277f0571"
}
],
"asset": {
"code": "OV_IOT_DEVICE",
"description": "",
"label": "IoT - Physical part of the IoT",
"language": "EN",
"type": "Secondary",
"uuid": "fcea8308-cdd4-4207-a324-ed3f2c6800ff",
"version": 0
},
"measures": [],
"threats": [
{
"a": true,
"c": true,
"code": "MD36",
"description": "Media, documents or equipment can be accessed by foreigners either internally or externally. It can be damaged or stolen.",
"i": false,
"label": "Theft or destruction of media, documents or equipment",
"language": "EN",
"theme": "Compromise of information",
"uuid": "b402d5af-4576-11e9-9173-0800277f0571"
}
],
"vuls": [
{
"code": "1183",
"description": "Can unauthorised persons access information without physical barriers?Is it easy to access? Are the premises public? Is there a passage or corridor nearby?",
"label": "Persons without a service reason can gain access",
"language": "EN",
"mode": 0,
"uuid": "69fc0555-4591-11e9-9173-0800277f0571"
}
]
},
"children": [],
"object": {
"label": "Device",
"language": "EN",
"name": "Device",
"scope": "local",
"uuid": "59617857-43b1-4660-b571-3f75fa22a1ae",
"version": 0
},
"rolfRisks": [],
"rolfTags": []
},
{
"asset": {
"amvs": [
{
"asset": "d2023de2-44d1-11e9-a78c-0800277f0571",
"threat": "b402d513-4576-11e9-9173-0800277f0571",
"uuid": "7f9fb547-4f02-11e9-b3ea-0800277f0571",
"vulnerability": "69fc04ed-4591-11e9-9173-0800277f0571"
},
{
"asset": "d2023de2-44d1-11e9-a78c-0800277f0571",
"threat": "b402d5ea-4576-11e9-9173-0800277f0571",
"uuid": "7f9fb55e-4f02-11e9-b3ea-0800277f0571",
"vulnerability": "69fc0627-4591-11e9-9173-0800277f0571"
},
{
"asset": "d2023de2-44d1-11e9-a78c-0800277f0571",
"threat": "b402d513-4576-11e9-9173-0800277f0571",
"uuid": "7f9fb58d-4f02-11e9-b3ea-0800277f0571",
"vulnerability": "69fc05b4-4591-11e9-9173-0800277f0571"
},
{
"asset": "d2023de2-44d1-11e9-a78c-0800277f0571",
"threat": "b402d5d5-4576-11e9-9173-0800277f0571",
"uuid": "d2522441-1a7b-456f-8b4b-8f2d6b586632",
"vulnerability": "69fc051f-4591-11e9-9173-0800277f0571"
}
],
"asset": {
"code": "OV_MAINTENANCE",
"description": "Software maintenance",
"label": "Software maintenance",
"language": "EN",
"type": "Secondary",
"uuid": "d2023de2-44d1-11e9-a78c-0800277f0571",
"version": 0
},
"measures": [],
"threats": [
{
"a": true,
"c": false,
"code": "MA15",
"description": "Design error, installation error or operating error committed during modification causing incorrect execution.",
"i": true,
"label": "Software malfunction",
"language": "EN",
"theme": "Technical failures",
"uuid": "b402d513-4576-11e9-9173-0800277f0571"
},
{
"a": true,
"c": true,
"code": "MDA17",
"description": "Someone with special rights (network administration, computer specialists, etc.) modifies the operating characteristics of the resources.",
"i": true,
"label": "Abuse of rights",
"language": "EN",
"theme": "Compromise of functions",
"uuid": "b402d5ea-4576-11e9-9173-0800277f0571"
},
{
"a": true,
"c": true,
"code": "MDA13",
"description": "Unwanted software that is doing operations seeking to harm the company.",
"i": true,
"label": "Malware infection",
"language": "EN",
"theme": "Compromise of information",
"uuid": "b402d5d5-4576-11e9-9173-0800277f0571"
}
],
"vuls": [
{
"code": "1172",
"description": "Are there formal contractual agreements with the main third parties?Are there intervention rules? People's names? Timeframes?",
"label": "No SLAs with third parties (internal or external)",
"language": "EN",
"mode": 0,
"uuid": "69fc04ed-4591-11e9-9173-0800277f0571"
},
{
"code": "1224",
"description": "Link permanently maintainedUnencrypted exchangesNo record",
"label": "The supplier does not manage remote maintenance properly",
"language": "EN",
"mode": 0,
"uuid": "69fc0627-4591-11e9-9173-0800277f0571"
},
{
"code": "1213",
"description": "Is change management for software or the IT system correct?Is there planning for changes? Cost estimates? Tests before production begins?",
"label": "Problems in change management or software maintenance",
"language": "EN",
"mode": 0,
"uuid": "69fc05b4-4591-11e9-9173-0800277f0571"
},
{
"code": "1178",
"description": "Is there a procedure? Is it formal?How frequently is it implemented? Who is in charge?Are tests performed? Before? After?",
"label": "Update management (patches) is flawed",
"language": "EN",
"mode": 0,
"uuid": "69fc051f-4591-11e9-9173-0800277f0571"
}
]
},
"children": [],
"object": {
"label": "Operating system",
"language": "EN",
"name": "Operating system",
"scope": "local",
"uuid": "4b31e8dd-24d8-4780-aa62-d5f4fff53760",
"version": 0
},
"rolfRisks": [],
"rolfTags": []
},
{
"asset": {
"amvs": [
{
"asset": "7b8a1bca-0172-43e5-89e6-590c6a7d76af",
"threat": "b402d5df-4576-11e9-9173-0800277f0571",
"uuid": "02c8ec95-756a-447b-916b-312b29c2e43c",
"vulnerability": "69fc0101-4591-11e9-9173-0800277f0571"
},
{
"asset": "7b8a1bca-0172-43e5-89e6-590c6a7d76af",
"threat": "b402d557-4576-11e9-9173-0800277f0571",
"uuid": "4896c568-6eb2-4454-9d80-bad8f8106a0f",
"vulnerability": "69fc0952-4591-11e9-9173-0800277f0571"
}
],
"asset": {
"code": "OV_IOT_NETWORK_INTERFACE",
"description": "IoT - Network interface",
"label": "IoT - Interface réseau",
"language": "EN",
"type": "Secondary",
"uuid": "7b8a1bca-0172-43e5-89e6-590c6a7d76af",
"version": 0
},
"measures": [],
"threats": [
{
"a": true,
"c": false,
"code": "MDA16",
"description": "A person or resource of a hardware, software or network type simulating an intense demand on resources by setting up continuous bombardment.",
"i": false,
"label": "Saturation of the information system",
"language": "EN",
"theme": "Technical failures",
"uuid": "b402d5df-4576-11e9-9173-0800277f0571"
},
{
"a": false,
"c": true,
"code": "MD15",
"description": "Someone connected to communication equipment or media or located inside the transmission coverage boundaries of a communication.",
"i": false,
"label": "Eavesdropping",
"language": "EN",
"theme": "Compromise of functions",
"uuid": "b402d557-4576-11e9-9173-0800277f0571"
}
],
"vuls": [
{
"code": "1070",
"description": "",
"label": "Incorrect sizing of resources (e.g. too many users for the number of connections possible and the passband)",
"language": "EN",
"mode": 0,
"uuid": "69fc0101-4591-11e9-9173-0800277f0571"
},
{
"code": "210",
"description": "",
"label": "Equipment with a communication interface that can be eavesdropped (infrared, 802.11, Bluetooth, etc.)",
"language": "EN",
"mode": 0,
"uuid": "69fc0952-4591-11e9-9173-0800277f0571"
}
]
},
"children": [],
"object": {
"label": "Communication interface",
"language": "EN",
"name": "Communication interface",
"scope": "local",
"uuid": "926e6d32-9bca-4675-b817-b572f5947072",
"version": 0
},
"rolfRisks": [],
"rolfTags": []
},
{
"asset": {
"amvs": [
{
"asset": "bc411cb6-d2fc-4e0c-8ed1-e5259e213e9b",
"threat": "b402d5c9-4576-11e9-9173-0800277f0571",
"uuid": "5cf11c67-0843-4dec-bb0e-c649d97a2bc4",
"vulnerability": "69fc057e-4591-11e9-9173-0800277f0571"
},
{
"asset": "bc411cb6-d2fc-4e0c-8ed1-e5259e213e9b",
"threat": "b402d620-4576-11e9-9173-0800277f0571",
"uuid": "a162b328-c313-4464-80ba-f1db359d7655",
"vulnerability": "69fc0f0d-4591-11e9-9173-0800277f0571"
}
],
"asset": {
"code": "OV_IOT_STORAGE_LOCAL",
"description": "",
"label": "IoT - Local Storage",
"language": "EN",
"type": "Secondary",
"uuid": "bc411cb6-d2fc-4e0c-8ed1-e5259e213e9b",
"version": 0
},
"measures": [],
"threats": [
{
"a": false,
"c": true,
"code": "MDA12",
"description": "Retrieval of electronic media (hard discs, floppy discs, back-up cartridges, USB keys, ZIP discs, removable hard discs, etc.) or paper copies (lists, incomplete print-outs, messages, etc.) intended for recycling and containing retrievable information.",
"i": false,
"label": "Retrieval of recycled or discarded media",
"language": "EN",
"theme": "Compromise of information",
"uuid": "b402d5c9-4576-11e9-9173-0800277f0571"
},
{
"a": true,
"c": false,
"code": "MDA29",
"description": "Event causing destruction of equipment or media.",
"i": false,
"label": "Destruction of equipment or supports",
"language": "EN",
"theme": "Physical damage",
"uuid": "b402d620-4576-11e9-9173-0800277f0571"
}
],
"vuls": [
{
"code": "1191",
"description": "Is there a formal procedure?Is it followed?Is the disposal line correct?",
"label": "Disposal is not carried out properly",
"language": "EN",
"mode": 0,
"uuid": "69fc057e-4591-11e9-9173-0800277f0571"
},
{
"code": "283",
"description": "",
"label": "No back-up of data contained on the media",
"language": "EN",
"mode": 0,
"uuid": "69fc0f0d-4591-11e9-9173-0800277f0571"
}
]
},
"children": [],
"object": {
"label": "Local storage",
"language": "EN",
"name": "Local storage",
"scope": "local",
"uuid": "7da319ff-851c-414f-bb76-50cfc48254b5",
"version": 0
},
"rolfRisks": [],
"rolfTags": []
},
{
"asset": {
"amvs": [
{
"asset": "d2023dd3-44d1-11e9-a78c-0800277f0571",
"threat": "b402d4e0-4576-11e9-9173-0800277f0571",
"uuid": "1631becd-9756-46f3-b23d-a3d93bac3fab",
"vulnerability": "69fc0515-4591-11e9-9173-0800277f0571"
},
{
"asset": "d2023dd3-44d1-11e9-a78c-0800277f0571",
"threat": "b402d600-4576-11e9-9173-0800277f0571",
"uuid": "7f9fb735-4f02-11e9-b3ea-0800277f0571",
"vulnerability": "69fc04e2-4591-11e9-9173-0800277f0571"
},
{
"asset": "d2023dd3-44d1-11e9-a78c-0800277f0571",
"threat": "b402d530-4576-11e9-9173-0800277f0571",
"uuid": "7f9fb74c-4f02-11e9-b3ea-0800277f0571",
"vulnerability": "69fc04c4-4591-11e9-9173-0800277f0571"
},
{
"asset": "d2023dd3-44d1-11e9-a78c-0800277f0571",
"threat": "b402d530-4576-11e9-9173-0800277f0571",
"uuid": "7f9fb763-4f02-11e9-b3ea-0800277f0571",
"vulnerability": "69fc04d1-4591-11e9-9173-0800277f0571"
},
{
"asset": "d2023dd3-44d1-11e9-a78c-0800277f0571",
"threat": "b402d600-4576-11e9-9173-0800277f0571",
"uuid": "7f9fb77a-4f02-11e9-b3ea-0800277f0571",
"vulnerability": "69fc061d-4591-11e9-9173-0800277f0571"
},
{
"asset": "d2023dd3-44d1-11e9-a78c-0800277f0571",
"threat": "b402d58f-4576-11e9-9173-0800277f0571",
"uuid": "7f9fb7a9-4f02-11e9-b3ea-0800277f0571",
"vulnerability": "69fc1924-4591-11e9-9173-0800277f0571"
},
{
"asset": "d2023dd3-44d1-11e9-a78c-0800277f0571",
"threat": "b402d557-4576-11e9-9173-0800277f0571",
"uuid": "7f9fb7ca-4f02-11e9-b3ea-0800277f0571",
"vulnerability": "69fc0560-4591-11e9-9173-0800277f0571"
}
],
"asset": {
"code": "OV_LOGICIEL",
"description": "Business application",
"label": "Software",
"language": "EN",
"type": "Secondary",
"uuid": "d2023dd3-44d1-11e9-a78c-0800277f0571",
"version": 0
},
"measures": [],
"threats": [
{
"a": true,
"c": true,
"code": "MA11",
"description": "A person commits an operating error, input error or utilisation error on hardware or software.",
"i": true,
"label": "Error in use",
"language": "EN",
"theme": "Compromise of functions",
"uuid": "b402d4e0-4576-11e9-9173-0800277f0571"
},
{
"a": false,
"c": true,
"code": "MDA20",
"description": "Person who voluntarily or negligently disclosure information.",
"i": false,
"label": "Disclosure",
"language": "EN",
"theme": "Compromise of information",
"uuid": "b402d600-4576-11e9-9173-0800277f0571"
},
{
"a": true,
"c": true,
"code": "MD14",
"description": "A person assumes the identity of a different person in order to use his/her access rights to the information system, misinform the recipient, commit a fraud, etc.",
"i": true,
"label": "Forging of rights",
"language": "EN",
"theme": "Compromise of functions",
"uuid": "b402d530-4576-11e9-9173-0800277f0571"
},
{
"a": false,
"c": false,
"code": "MD24",
"description": "A person or entity denies being involved in an exchange with a third party or carrying out an operation.",
"i": true,
"label": "Denial of actions",
"language": "EN",
"theme": "Compromise of functions",
"uuid": "b402d58f-4576-11e9-9173-0800277f0571"
},
{
"a": false,
"c": true,
"code": "MD15",
"description": "Someone connected to communication equipment or media or located inside the transmission coverage boundaries of a communication.",
"i": false,
"label": "Eavesdropping",
"language": "EN",
"theme": "Compromise of functions",
"uuid": "b402d557-4576-11e9-9173-0800277f0571"
}
],
"vuls": [
{
"code": "1177",
"description": "Does the software's design cause users problems?Is it complicated to understand or use?Does training or adaptation take a long time? Are there any known errors?",
"label": "Tools or programs are not adapted for use or are not ergonomic",
"language": "EN",
"mode": 0,
"uuid": "69fc0515-4591-11e9-9173-0800277f0571"
},
{
"code": "1168",
"description": "Are all authorisations granted in compliance with this principle?",
"label": "The need-to-know principle is not respected",
"language": "EN",
"mode": 0,
"uuid": "69fc04e2-4591-11e9-9173-0800277f0571"
},
{
"code": "1166",
"description": "Is there a formal procedure?Who authorises access?Is the four-eyes principle followed?",
"label": "Authorisation management is flawed",
"language": "EN",
"mode": 0,
"uuid": "69fc04c4-4591-11e9-9173-0800277f0571"
},
{
"code": "1167",
"description": "Is there a password policy?Are there good practices (length, complexity, change, etc.)?Is there one account per person?Are there shared accounts?",
"label": "User authentication is not ensured",
"language": "EN",
"mode": 0,
"uuid": "69fc04d1-4591-11e9-9173-0800277f0571"
},
{
"code": "1221",
"description": "Can data be exported?Also in a structured format (XLS, CSV, XML, etc.)?",
"label": "User rights allow information to be exported",
"language": "EN",
"mode": 0,
"uuid": "69fc061d-4591-11e9-9173-0800277f0571"
},
{
"code": "50",
"description": "Are there logs?Are they sufficient in terms of the checks to be carried out?",
"label": "No storage of activity tracks",
"language": "EN",
"mode": 0,
"uuid": "69fc1924-4591-11e9-9173-0800277f0571"
},
{
"code": "1184",
"description": "Is the method of communication encrypted?Could third parties access the method of communication?",
"label": "Use of an unsecured method of communication",
"language": "EN",
"mode": 0,
"uuid": "69fc0560-4591-11e9-9173-0800277f0571"
}
]
},
"children": [],
"object": {
"label": "Application",
"language": "EN",
"name": "Application",
"scope": "local",
"uuid": "cbfb813a-3e9c-415c-9ece-9c2bd7c781b7",
"version": 0
},
"rolfRisks": [],
"rolfTags": []
},
{
"asset": {
"amvs": [
{
"asset": "fa281f62-931c-47dd-82b6-976e543a2168",
"threat": "b402d5f5-4576-11e9-9173-0800277f0571",
"uuid": "15715227-f575-462b-b467-236532cddbb6",
"vulnerability": "69fc01e7-4591-11e9-9173-0800277f0571"
}
],
"asset": {
"code": "OV_IOT_SENSORS",
"description": "",
"label": "IoT - Sensor",
"language": "EN",
"type": "Secondary",
"uuid": "fa281f62-931c-47dd-82b6-976e543a2168",
"version": 0
},
"measures": [],
"threats": [
{
"a": false,
"c": false,
"code": "MDA18",
"description": "Receiving false data or unsuitable equipment from outside sources and using them in the organisation.",
"i": true,
"label": "Data from untrustworthy sources",
"language": "EN",
"theme": "Compromise of information",
"uuid": "b402d5f5-4576-11e9-9173-0800277f0571"
}
],
"vuls": [
{
"code": "1094",
"description": "",
"label": "The system allows information to be sent and received without authentication of the senders or recipients",
"language": "EN",
"mode": 0,
"uuid": "69fc01e7-4591-11e9-9173-0800277f0571"
}
]
},
"children": [],
"object": {
"label": "Sensor",
"language": "EN",
"name": "Sensor",
"scope": "local",
"uuid": "e1473c38-42fc-4124-8b66-595ed18c1db2",
"version": 0
},
"rolfRisks": [],
"rolfTags": []
}
],
"object": {
"label": "IoT",
"language": "EN",
"name": "IoT",
"scope": "local",
"uuid": "0ceec4ea-73c0-4055-bcf1-819346ffdd0b",
"version": 0
},
"rolfRisks": [],
"rolfTags": []
}
}