Thanks. To me, the action items were not clear enough. We don’t have to add new docs but update or link to the docs that capture the AIs clearly.

 

I assume we want platform owners and maintainers to get clear AIs and confirm that those are covered.

 

From: Zelalem Aweke <Zelalem.Aweke@arm.com>
Sent: Monday, April 19, 2021 2:38 PM
To: Varun Wadekar <vwadekar@nvidia.com>
Cc: tf-a@lists.trustedfirmware.org
Subject: Re: [TF-A] [RFC] TF-A threat model

 

External email: Use caution opening links or attachments

 

Hi Varun,

Where applicable, the "Mitigations" entries list what should be done by platforms including links to guidelines we already have in TF-A. We currently don't have a plan to create a separate design/coding guidelines document.

 

-Zelalem


From: Varun Wadekar <vwadekar@nvidia.com>
Sent: Friday, April 16, 2021 11:47 AM
To: Zelalem Aweke <Zelalem.Aweke@arm.com>
Cc: tf-a@lists.trustedfirmware.org <tf-a@lists.trustedfirmware.org>
Subject: RE: [TF-A] [RFC] TF-A threat model

 

Hi,

 

This looks promising. Can you also create a list of guidelines resulting from the analysis? We can then roll them up as coding guidelines or design guidelines or to-do for platforms.

 

-Varun

 

From: TF-A <tf-a-bounces@lists.trustedfirmware.org> On Behalf Of Zelalem Aweke via TF-A
Sent: Friday, April 16, 2021 8:15 AM
To: tf-a@lists.trustedfirmware.org
Subject: [TF-A] [RFC] TF-A threat model

 

External email: Use caution opening links or attachments

 

Hi All,

 

We are releasing the first TF-A threat model document. This release provides the baseline for future updates to be applied as required by developments to the TF-A code base. Please review the document provide comments here: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/9627.

 

Thanks,

Zelalem