Commit 7006f208 authored by Zelalem's avatar Zelalem Committed by Zelalem Aweke
Browse files

docs(threat model): add TF-A threat model



This is the first release of the public Trusted
Firmware A class threat model. This release
provides the baseline for future updates to be
applied as required by developments to the
TF-A code base.
Signed-off-by: default avatarZelalem Aweke <zelalem.aweke@arm.com>
Change-Id: I3c9aadc46196837679f0b1377bec9ed4fc42ff11
parent 44de593d
/*
* Copyright (c) 2021, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*
* Set the white-space property of tables to normal.
* With this setting sequences of whitespace inside
* a table will collapse into a single whitespace,
* and text will wrap when necessary.
*/
.wy-table-responsive table td {
white-space: normal;
}
# -*- coding: utf-8 -*-
#
# Copyright (c) 2019, Arm Limited. All rights reserved.
# Copyright (c) 2019-2021, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
......@@ -76,6 +76,14 @@ html_theme_options = {
'style_external_links': True # Display an icon next to external links
}
# Path to _static directory
html_static_path = ['_static']
# Path to css file relative to html_static_path
html_css_files = [
'css/custom.css',
]
# -- Options for autosectionlabel --------------------------------------------
# Only generate automatic section labels for document titles
......
......@@ -15,6 +15,7 @@ Trusted Firmware-A Documentation
perf/index
security_advisories/index
design_documents/index
threat_model/index
change-log
change-log-upcoming
glossary
......@@ -83,7 +84,7 @@ have previously been raised against the software.
--------------
*Copyright (c) 2013-2020, Arm Limited and Contributors. All rights reserved.*
*Copyright (c) 2013-2021, Arm Limited and Contributors. All rights reserved.*
.. _Armv7-A and Armv8-A: https://developer.arm.com/products/architecture/a-profile
.. _Secure Monitor: http://www.arm.com/products/processors/technologies/trustzone/tee-smc.php
......
/'
' Copyright (c) 2021, Arm Limited. All rights reserved.
'
' SPDX-License-Identifier: BSD-3-Clause
'/
/'
TF-A Data Flow Diagram
'/
@startuml
digraph tfa_dfd {
# Arrange nodes from left to right
rankdir="LR"
# Allow arrows to end on cluster boundaries
compound=true
# Default settings for edges and nodes
edge [minlen=2 color="#8c1b07"]
node [fillcolor="#ffb866" style=filled shape=box fixedsize=true width=1.6 height=0.7]
# Nodes outside of the trust boundary
nsec [label="Non-secure\nClients"]
sec [label="Secure\nClients"]
dbg [label="Debug & Trace"]
logs [label="Logs\n(UART)"]
nvm [label="Non-volatile\nMemory"]
# Trust boundary cluster
subgraph cluster_trusted{
graph [style=dashed color="#f22430"]
# HW IPs cluster
subgraph cluster_ip{
label ="Hardware IPs";
graph [style=filled color="#000000" fillcolor="#ffd29e"]
rank="same"
gic [label="GIC" width=1.2 height=0.5]
tzc [label="TZ\nController" width=1.2 height=0.5]
etc [label="..." shape=none style=none height=0.5]
}
# TF-A cluster
subgraph cluster_tfa{
label ="TF-A";
graph [style=filled color="#000000" fillcolor="#faf9cd"]
bl1 [label="Boot ROM\n(BL1)" fillcolor="#ddffb3"];
bl2 [label="Trusted Boot\nFirmware\n(BL2)" fillcolor="#ddffb3" height=1]
bl31 [label="TF-A Runtime\n(BL31)" fillcolor="#ddffb3"]
}
}
# Interactions between nodes
nvm -> bl31 [lhead=cluster_tfa label="DF1"]
logs -> bl31 [dir="back" lhead=cluster_tfa label="DF2"]
dbg -> bl2 [dir="both" lhead=cluster_tfa label="DF3"]
sec -> bl2 [dir="both" lhead=cluster_tfa label="DF4"]
nsec -> bl1 [dir="both" lhead=cluster_tfa, label="DF5"]
bl2 -> tzc [dir="both" ltail=cluster_tfa lhead=cluster_ip label="DF6" minlen=1]
}
@enduml
Threat Model
=============
.. toctree::
:maxdepth: 1
:caption: Contents
:numbered:
threat_model
--------------
*Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.*
This diff is collapsed.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment