From 8335338ad42da1d1625bccca164f144e15b55866 Mon Sep 17 00:00:00 2001
From: kurilova
Date: Wed, 27 May 2026 12:17:14 +0000
Subject: [PATCH 1/4] Update risk profile
---
 resources/risk_assessment.json | 242 +++++++++++++++++----------------
 1 file changed, 126 insertions(+), 116 deletions(-)
diff --git a/resources/risk_assessment.json b/resources/risk_assessment.json
index d4f2574fb..22e91544a 100644
--- a/resources/risk_assessment.json
+++ b/resources/risk_assessment.json
@@ -3,186 +3,196 @@
 "question": "How will this device be used at Google?",
 "description": "Describe your use case. Add links to user journey diagrams and TDD if available.",
 "type": "text-long",
- "validation": {
- "max": "512",
- "required": true
- }
+ "validation": { "max": "512", "required": true }
 },
 {
 "question": "Is this device going to be managed by Google or a third party?",
 "description": "A manufacturer or supplier is considered third party in this case",
 "type": "select",
 "options": [
- {
- "text": "Google",
- "risk": "Limited"
- },
- {
- "text": "Third Party",
- "risk": "High"
- }
+ { "text": "Google", "risk": "Limited" },
+ { "text": "Third Party", "risk": "High" }
 ],
- "validation": {
- "required": true
- }
+ "validation": { "required": true }
 },
 {
 "question": "Will the third-party device administrator be able to grant access to authorized Google personnel upon request?",
 "type": "select",
 "options": [
- {
- "text": "Yes"
- },
- {
- "text": "No"
- },
- {
- "text": "N/A"
- }
+ { "text": "Yes" },
+ { "text": "No" },
+ { "text": "N/A" }
 ],
 "default": "N/A",
- "validation": {
- "required": true
- }
+ "validation": { "required": true }
 },
 {
 "category": "Data Transmission",
 "question": "Which of the following statements are true about this device?",
- "description": "This tells us about the types of data that are transmitted from this device and how the transmission is performed from a technical standpoint.",
+ "description": "Types of data transmitted and technical transmission methods.",
 "type": "select-multiple",
 "options": [
- {
- "text": "PII/PHI, confidential/sensitive business data, Intellectual Property and Trade Secrets, Critical Infrastructure and Identity Assets to a domain outside Alphabet's ownership",
- "risk": "High"
- },
- {
- "text": "Data transmission occurs across less-trusted networks (e.g. the internet).",
- "risk": "High"
- },
- {
- "text": "A failure in data transmission would likely have a substantial negative impact (https://www.rra.rocks/docs/standard_levels#levels-definitions)",
- "risk": "High"
- },
- {
- "text": "A confidentiality breach during transmission would have a substantial negative impact",
- "risk": "High"
- },
- {
- "text": "The device does not encrypt data during transmission",
- "risk": "High"
- },
- {
- "text": "None of the above",
- "risk": "Limited"
- }
+ { "text": "PII/PHI, confidential/sensitive business data, Intellectual Property and Trade Secrets, Critical Infrastructure and Identity Assets to a domain outside Alphabet's ownership", "risk": "High" },
+ { "text": "Data transmission occurs across less-trusted networks (e.g. the internet).", "risk": "High" },
+ { "text": "A failure in data transmission would likely have a substantial negative impact", "risk": "High" },
+ { "text": "A confidentiality breach during transmission would have a substantial negative impact", "risk": "High" },
+ { "text": "The device does not encrypt data during transmission", "risk": "High" },
+ { "text": "None of the above", "risk": "Limited" }
 ],
- "validation": {
- "required": true
- }
+ "validation": { "required": true }
 },
 {
 "category": "Data Transmission",
 "question": "Does the network protocol assure server-to-client identity verification?",
 "type": "select",
 "options": [
- {
- "text": "Yes",
- "risk": "Limited"
- },
- {
- "text": "No",
- "risk": "High"
- },
- {
- "text": "I don't know",
- "risk": "High"
- }
-
+ { "text": "Yes", "risk": "Limited" },
+ { "text": "No", "risk": "High" },
+ { "text": "I don't know", "risk": "High" }
 ],
- "validation": {
- "required": true
- }
+ "validation": { "required": true }
 },
 {
 "category": "Remote Operation",
 "question": "Click the statements that best describe the characteristics of this device.",
- "description": "This tells us about how this device is managed remotely.",
+ "description": "Remote management and access characteristics.",
 "type": "select-multiple",
 "options": [
- {
- "text": "PII/PHI, or confidential business data is accessible from the device without authentication",
- "risk": "High"
- },
- {
- "text": "Unrecoverable actions (e.g. disk wipe) can be performed remotely",
- "risk": "High"
- },
- {
- "text": "Authentication is not required for remote access",
- "risk": "High"
- },
- {
- "text": "The management interface is accessible from the public internet",
- "risk": "High"
- },
- {
- "text": "Static credentials are used for administration",
- "risk": "High"
- },
- {
- "text": "None of the above",
- "risk": "Limited"
- }
+ { "text": "PII/PHI, or confidential business data is accessible from the device without authentication", "risk": "High" },
+ { "text": "Unrecoverable actions (e.g. disk wipe) can be performed remotely", "risk": "High" },
+ { "text": "Authentication is not required for remote access", "risk": "High" },
+ { "text": "The management interface is accessible from the public internet", "risk": "High" },
+ { "text": "Static credentials are used for administration", "risk": "High" },
+ { "text": "None of the above", "risk": "Limited" }
 ],
- "validation": {
- "required": true
- }
+ "validation": { "required": true }
 },
 {
 "category": "Operating Environment",
 "question": "Are any of the following statements true about this device?",
- "description": "This informs us about what other systems and processes this device is a part of.",
+ "description": "Context of the device within larger systems and processes.",
+ "type": "select-multiple",
+ "options": [
+ { "text": "The device monitors an environment for active risks to human life.", "risk": "High" },
+ { "text": "The device is used to convey people, or critical property.", "risk": "High" },
+ { "text": "The device controls robotics in human-accessible spaces.", "risk": "High" },
+ { "text": "The device controls physical access systems.", "risk": "High" },
+ { "text": "The device is involved in processes required by regulations, or compliance.", "risk": "High" },
+ { "text": "The device's failure would cause faults in other high-criticality processes.", "risk": "High" },
+ { "text": "None of the above", "risk": "Limited" }
+ ],
+ "validation": { "required": true }
+ },
+
+ {
+ "category": "Wireless Security",
+ "question": "What types of wireless connectivity does this device support or utilize? (Select all that apply)",
+ "description": "Select all active or physically present wireless interfaces.",
 "type": "select-multiple",
 "options": [
 {
- "text": "The device monitors an environment for active risks to human life.",
- "risk": "High"
- },
- {
- "text": "The device is used to convey people, or critical property.",
+ "text": "Cellular / WWAN (e.g., LTE, 5G, NB-IoT, eSIM)",
 "risk": "High"
 },
 {
- "text": "The device controls robotics in human-accessible spaces.",
+ "text": "LPWAN / Long-Range RF (e.g., LoRaWAN)",
 "risk": "High"
 },
 {
- "text": "The device controls physical access systems.",
+ "text": "Wi-Fi / WLAN - broadcasts its own network (acts as an Access Point / Wi-Fi Direct)",
 "risk": "High"
 },
 {
- "text": "The device is involved in processes required by regulations, or compliance. (ex. privacy, security, safety regulations)",
- "risk": "High"
+ "text": "Wi-Fi / WLAN - connects as a standard client to an existing network",
+ "risk": "Limited"
 },
 {
- "text": "The device's failure would cause faults in other high-criticality processes.",
- "risk": "High"
+ "text": "Short-range RF (e.g., Bluetooth, BLE, Zigbee)",
+ "risk": "Limited"
 },
 {
- "text": "None of the above",
+ "text": "None (Hardwired Ethernet or serial connections only)",
 "risk": "Limited"
 }
 ],
 "validation": {
 "required": true
 }
+
+ },
+ {
+ "category": "Physical Security",
+ "question": "Are physical debug interfaces (JTAG, UART, SWD) disabled or physically inaccessible?",
+ "type": "select",
+ "options": [
+ { "text": "Yes, disabled in hardware/firmware", "risk": "Limited" },
+ { "text": "No, ports are active and accessible", "risk": "High" }
+ ],
+ "validation": { "required": true }
+ },
+ {
+ "category": "Authentication",
+ "question": "Does the device support integration with Google's SSO or MFA for administrative access?",
+ "type": "select",
+ "options": [
+ { "text": "Yes, supports Google’s SSO or MFA", "risk": "Limited" },
+ { "text": "No, uses local unique or shared passwords", "risk": "High" }
+ ],
+ "validation": { "required": true }
+ },
+ {
+ "category": "Software Integrity",
+ "question": "Is firmware cryptographically signed and verified during the boot process?",
+ "type": "select",
+ "options": [
+ { "text": "Yes, verified Secure Boot", "risk": "Limited" },
+ { "text": "No signing used", "risk": "High" }
+ ],
+ "validation": { "required": true }
+ },
+ {
+ "category": "Vulnerability Management",
+ "question": "How frequently are security patches released and applied to this device?",
+ "type": "select",
+ "options": [
+ { "text": "Automatically within 30 days of release", "risk": "Limited" },
+ { "text": "Rarely or no patch support", "risk": "High" }
+ ],
+ "validation": { "required": true }
+ },
+ {
+ "category": "Privacy",
+ "question": "Does the device include audio or video recording capabilities?",
+ "type": "select",
+ "options": [
+ { "text": "No", "risk": "Limited" },
+ { "text": "Yes", "risk": "High" }
+ ],
+ "validation": { "required": true }
+ },
+ {
+ "category": "Logging",
+ "question": "Does the device generate security audit logs (e.g., login attempts, config changes)?",
+ "type": "select",
+ "options": [
+ { "text": "Yes", "risk": "Limited" },
+ { "text": "No", "risk": "High" }
+ ],
+ "validation": { "required": true }
+ },
+ {
+ "question": "Does the device undergo regular third-party penetration testing?",
+ "type": "select",
+ "options": [
+ { "text": "Yes", "risk": "Limited" },
+ { "text": "No", "risk": "High" }
+ ],
+ "validation": { "required": true }
 },
 {
 "question": "Comments",
 "description": "Anything else to share?",
 "type": "text-long",
- "validation": {
- "max": "512"
- }
+ "validation": { "max": "512" }
 }
-]
\ No newline at end of file
+]
From 646c0b0766330ae97fb69bcb045050dc3a4e002b Mon Sep 17 00:00:00 2001
From: kurilova
Date: Thu, 28 May 2026 06:52:34 +0000
Subject: [PATCH 2/4] Update version
---
 make/DEBIAN/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/make/DEBIAN/control b/make/DEBIAN/control
index 7e810e79d..ddd07d4da 100644
--- a/make/DEBIAN/control
+++ b/make/DEBIAN/control
@@ -1,5 +1,5 @@
 Package: Testrun
-Version: 2.4.0-beta.2
+Version: 2.4.0-beta.3
 Architecture: amd64
 Maintainer: Google
 Homepage: https://github.com/google/testrun
From 85d743be4fe53dbf9a33477ecbf915de7f8a58b4 Mon Sep 17 00:00:00 2001
From: kurilova
Date: Thu, 28 May 2026 10:21:56 +0000
Subject: [PATCH 3/4] Fix tests
---
 resources/risk_assessment.json | 1 -
 .../profiles/risk_profile_valid_high.json | 42 +++++++++++++++++++
 .../profiles/risk_profile_valid_limited.json | 42 +++++++++++++++++++
 3 files changed, 84 insertions(+), 1 deletion(-)
diff --git a/resources/risk_assessment.json b/resources/risk_assessment.json
index 22e91544a..be9ed0bb4 100644
--- a/resources/risk_assessment.json
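Review bot: The `select` questions added to resources/risk_assessment.json in patch 1/4 (Physical Security through the penetration-testing question) each offer only two options under `"required": true`, so a respondent who does not know the answer, or whose device sits between the extremes (for example manual patching on a regular schedule in the Vulnerability Management question), has to pick an inaccurate one. The existing identity-verification question in the same file already handles this with `{ "text": "I don't know", "risk": "High" }`; adding that option to the new questions keeps unknowns rated High instead of letting them drift to whichever answer looks safer. Separately, the option `"Yes, supports Google’s SSO or MFA"` uses a typographic apostrophe while its question uses ASCII `Google's`, and the fixture in risk_profile_valid_limited.json (patch 3/4) repeats the typographic form; if answers are matched by exact text (not visible here) a hand-written profile with `'` would not match, so `Google's` in both places is safer. The penetration-testing question is also the only new one without a `"category"`.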
+++ b/resources/risk_assessment.json
@@ -83,7 +83,6 @@
 ],
 "validation": { "required": true }
 },
-
 {
 "category": "Wireless Security",
 "question": "What types of wireless connectivity does this device support or utilize? (Select all that apply)",
diff --git a/testing/unit/risk_profile/profiles/risk_profile_valid_high.json b/testing/unit/risk_profile/profiles/risk_profile_valid_high.json
index bc23f7d0b..880a77de3 100644
--- a/testing/unit/risk_profile/profiles/risk_profile_valid_high.json
+++ b/testing/unit/risk_profile/profiles/risk_profile_valid_high.json
@@ -58,6 +58,48 @@
 ],
 "risk": "High"
 },
+ {
+ "question": "What types of wireless connectivity does this device support or utilize? (Select all that apply)",
+ "answer": [
+ 0
+ ],
+ "risk": "High"
+ },
+ {
+ "question": "Are physical debug interfaces (JTAG, UART, SWD) disabled or physically inaccessible?",
+ "answer": "No, ports are active and accessible",
+ "risk": "High"
+ },
+ {
+ "question": "Does the device support integration with Google's SSO or MFA for administrative access?",
+ "answer": "No, uses local unique or shared passwords",
+ "risk": "High"
+ },
+ {
+ "question": "Is firmware cryptographically signed and verified during the boot process?",
+ "answer": "No signing used",
+ "risk": "High"
+ },
+ {
+ "question": "How frequently are security patches released and applied to this device?",
+ "answer": "Rarely or no patch support",
+ "risk": "High"
+ },
+ {
+ "question": "Does the device include audio or video recording capabilities?",
+ "answer": "Yes",
+ "risk": "High"
+ },
+ {
+ "question": "Does the device generate security audit logs (e.g., login attempts, config changes)?",
+ "answer": "No",
+ "risk": "High"
+ },
+ {
+ "question": "Does the device undergo regular third-party penetration testing?",
+ "answer": "No",
+ "risk": "High"
+ },
 {
 "question": "Comments",
 "answer": ""
diff --git a/testing/unit/risk_profile/profiles/risk_profile_valid_limited.json b/testing/unit/risk_profile/profiles/risk_profile_valid_limited.json
index 0e817e3c3..d935cc8de 100644
--- a/testing/unit/risk_profile/profiles/risk_profile_valid_limited.json
+++ b/testing/unit/risk_profile/profiles/risk_profile_valid_limited.json
@@ -57,6 +57,48 @@
 ],
 "risk": "Limited"
 },
+ {
+ "question": "What types of wireless connectivity does this device support or utilize? (Select all that apply)",
+ "answer": [
+ 0
+ ],
+ "risk": "Limited"
+ },
+ {
+ "question": "Are physical debug interfaces (JTAG, UART, SWD) disabled or physically inaccessible?",
+ "answer": "Yes, disabled in hardware/firmware",
+ "risk": "Limited"
+ },
+ {
+ "question": "Does the device support integration with Google's SSO or MFA for administrative access?",
+ "answer": "Yes, supports Google’s SSO or MFA",
+ "risk": "Limited"
+ },
+ {
+ "question": "Is firmware cryptographically signed and verified during the boot process?",
+ "answer": "Yes, verified Secure Boot",
+ "risk": "Limited"
+ },
+ {
+ "question": "How frequently are security patches released and applied to this device?",
+ "answer": "Automatically within 30 days of release",
+ "risk": "Limited"
+ },
+ {
+ "question": "Does the device include audio or video recording capabilities?",
+ "answer": "No",
+ "risk": "Limited"
+ },
+ {
+ "question": "Does the device generate security audit logs (e.g., login attempts, config changes)?",
+ "answer": "Yes",
+ "risk": "Limited"
+ },
+ {
+ "question": "Does the device undergo regular third-party penetration testing?",
+ "answer": "Yes",
+ "risk": "Limited"
+ },
 {
 "question": "Comments",
 "answer": ""
From c061a207ee2430cda5f3d2ca0029840ffa120289 Mon Sep 17 00:00:00 2001
From: kurilova
Date: Thu, 28 May 2026 10:46:47 +0000
Subject: [PATCH 4/4] Fix tests
---
 .../unit/risk_profile/profiles/risk_profile_valid_limited.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/testing/unit/risk_profile/profiles/risk_profile_valid_limited.json b/testing/unit/risk_profile/profiles/risk_profile_valid_limited.json
index d935cc8de..cb22dbd57 100644
--- a/testing/unit/risk_profile/profiles/risk_profile_valid_limited.json
+++ b/testing/unit/risk_profile/profiles/risk_profile_valid_limited.json
@@ -60,7 +60,7 @@
 {
 "question": "What types of wireless connectivity does this device support or utilize? (Select all that apply)",
 "answer": [
- 0
+ 3
 ],
 "risk": "Limited"
 },
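Review bot: The wireless answer is stored as a position in the `options` array (`3`), so the expected `"risk": "Limited"` holds only while the Wi-Fi client option stays fourth in resources/risk_assessment.json; patch 3/4 had `0` here, which is the Cellular option rated High, and nothing in the fixture itself shows that mismatch. The same positional form is used for this question in risk_profile_valid_high.json. A unit test that resolves each index against the question's `options` and checks that the selected option's `risk` agrees with the fixture's `risk` would catch a reordering or an off-by-one like this one. Whether the loader already validates this is not visible in the patch.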