blob: b22fb1813e69a39494006c13e0c7b3ad2e18aa49 [file] [log] [blame]
Zelalem05fed522021-02-24 19:20:09 -06001Threat Model
Olivier Deprez86d1ffd2021-06-01 15:37:16 +02002============
3
4Threat modeling is an important part of Secure Development Lifecycle (SDL)
5that helps us identify potential threats and mitigations affecting a system.
6
Sandrine Bailleux5981b1a2023-04-04 16:02:42 +02007As the TF-A codebase is highly configurable to allow tailoring it best for each
8platform's needs, providing a holistic threat model covering all of its features
9is not necessarily the best approach. Instead, we provide a collection of
10documents which, together, form the project's threat model. These are
11articulated around a core document, called the :ref:`Generic Threat Model`,
12which focuses on the most common configuration we expect to see. The other
13documents typically focus on specific features not covered in the core document.
14
15As the TF-A codebase evolves and new features get added, these threat model
16documents will be updated and extended in parallel to reflect at best the
17current status of the code from a security standpoint.
18
19 .. note::
20
21 Although our aim is eventually to provide threat model material for all
22 features within the project, we have not reached that point yet. We expect
23 to gradually fill these gaps over time.
24
25Each of these documents give a description of the target of evaluation using a
26data flow diagram, as well as a list of threats we have identified using the
27`STRIDE threat modeling technique`_ and corresponding mitigations.
Zelalem05fed522021-02-24 19:20:09 -060028
29.. toctree::
30 :maxdepth: 1
31 :caption: Contents
Zelalem05fed522021-02-24 19:20:09 -060032
33 threat_model
Olivier Deprez86d1ffd2021-06-01 15:37:16 +020034 threat_model_spm
Shruti Gupta795af712022-09-27 14:21:13 +010035 threat_model_el3_spm
Gary Morrisond4d951a2021-11-10 14:40:15 -060036 threat_model_fvp_r
Tamas Banef589bf2022-11-30 17:09:43 +010037 threat_model_rss_interface
Zelalem05fed522021-02-24 19:20:09 -060038
39--------------
40
Sandrine Bailleux5981b1a2023-04-04 16:02:42 +020041*Copyright (c) 2021-2023, Arm Limited and Contributors. All rights reserved.*
42
43.. _STRIDE threat modeling technique: https://docs.microsoft.com/en-us/azure/security/develop/threat-modeling-tool-threats#stride-model