All sections are required for FPWD. Use your best judgement on filling them with appropriate content.





This section defines to what kinds of implementations the requirement or good practice applies. It speaks, e.g., about interface modalities (visual vs. audio) and the like.

Requirement | Good Practice

The statement against which we expect an implementation to declare conformance. Requirements correspond to a MUST, Good Practices correspond to a SHOULD.


This section lists techniques that can be used to implement the requirement or good practice. It's currently expected to be informative, but we might need to revisit that.

Dependencies [optional for Robustness only proposals]

Examples (informational)

Give an example for what an conforming and what a non-conforming implementation could be.

Use-cases [optional for Robustness only proposals]

Attack resistance and limitations

Discuss the security properties that can be derived from this requirement, and the limitations there are. References to ThreatTrees or vulnerability databases will be useful, but not required.

Usability effect [optional for Robustness only proposals]

Expected User behavior


Background (informational)

Place to give a more detailed discussion of the background and rationale for the requirement / good practice.