Test 1

TEST 1

Test Case: BIS-3.5.1 Test Name: TC_CONFIRM_USE_OF_NON-PROPRIETARY_NETWORK_PROTOCOLS

Objective: Verify that only non-proprietary (open and standardized) network protocols are used in the device. If proprietary protocols are present, complete implementation details and source code must be provided, with supporting evidence of secure design and validation.

Tools Used:

  • Documentation review

  • Wireshark (for packet-level protocol validation)

Test Execution Steps:

  1. Validate the vendor-provided documentation listing all network protocols implemented in the device.

  2. Conduct a passive traffic capture using Wireshark during device operation (e.g., UI interaction, remote access, SNMP polling).

  3. Analyze captured traffic to identify and verify protocols in use.

  4. Compare observed protocols with the vendor's documented list.

  5. If proprietary protocols are identified, request complete documentation and source code for review.

Expected Results for Pass:

  • All network protocols observed during testing are documented by the vendor.

  • No undocumented or proprietary protocols are detected.

  • If proprietary protocols are used, detailed implementation documents and secure development evidence (including source code) are available and reviewed.

Test Observations: (To be filled) Example:

The vendor provided a comprehensive list of all network protocols in use. Wireshark traffic analysis confirmed usage of only standard protocols such as TCP, UDP, HTTPS, SSH, SNMPv3. No proprietary or undocumented protocols were detected during the session.

Evidence Provided:

  • Vendor protocol list

  • Wireshark capture logs

  • Annotated protocol analysis summary

Test Case Result: ☐ PASS  ☐ FAIL  ☐ NA (Mark appropriately)

Overall Test Result: ☐ PASS  ☐ FAIL  ☐ NA (Mark appropriately)

Previous3.5 Confirm Use of Non-Proprietary Network ProtocolsNext4. Security Conformance at Product Development Stage

Last updated

Was this helpful?