The manufacturer shall ensure that all security-relevant firmware and software are compiled with secure compilation flags and options appropriate to the target platform and language. The manufacturer shall document the compilation flags used, their rationale, and any exceptions or limitations. Any exceptions to the flags or warnings shall be documented as to why they do not affect the security of the system.
* Applicability: Product implemented in a compiled language
* Reference: TR-SDDV
* Objective: Secure design and development
* Preparation: Document which flags should be used
* Activities: Review compilation flags, warnings, and documentation for exceptions
* Verdict: Documentation of flags exists, all warnings and exceptions are documented
* Evidence: Documentation of flags, build system files, documentation of warnings and exceptions
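The review activity above can be partly automated. The following is an added example, not part of the standard text: it checks each entry of a JSON compilation database (`compile_commands.json`) against a documented flag list and treats a missing flag or a suppressed warning as acceptable only when a written rationale exists. The flag policy, file paths, and exception text are assumptions constructed for illustration.

```python
import shlex

# Assumed policy for a GCC/Clang C build (constructed for this example).
REQUIRED_FLAGS = ["-Wall", "-Wextra", "-fstack-protector-strong", "-D_FORTIFY_SOURCE=2"]

# Documented exceptions: (source file, flag) -> rationale (constructed).
EXCEPTIONS = {
    ("src/boot/start.c", "-fstack-protector-strong"):
        "Runs before the stack canary is initialised; handles no external input.",
}

# Constructed compile_commands.json content (already parsed from JSON).
COMPILE_COMMANDS = [
    {"file": "src/net/parser.c",
     "command": "cc -O2 -Wall -Wextra -fstack-protector-strong "
                "-D_FORTIFY_SOURCE=2 -c src/net/parser.c"},
    {"file": "src/boot/start.c",
     "arguments": ["cc", "-O2", "-Wall", "-Wextra", "-D_FORTIFY_SOURCE=2",
                   "-c", "src/boot/start.c"]},
    {"file": "src/ui/menu.c",
     "command": "cc -O2 -Wall -Wno-format-security -fstack-protector-strong "
                "-D_FORTIFY_SOURCE=2 -c src/ui/menu.c"},
]

def entry_args(entry):
    """Compiler arguments of one entry; the format allows a list or a string."""
    if "arguments" in entry:
        return list(entry["arguments"][1:])
    return shlex.split(entry["command"])[1:]

def is_warning_suppression(flag):
    """-w disables all warnings; -Wno-<name> disables one of them."""
    return flag == "-w" or flag.startswith("-Wno-")

def audit(entries, required, exceptions):
    """Return (file, flag, status) for every deviation from the documented policy."""
    findings = []
    for entry in entries:
        args = entry_args(entry)
        missing = [f for f in required if f not in args]
        suppressed = [f for f in args if is_warning_suppression(f)]
        for flag in missing + suppressed:
            # A deviation passes only if a non-empty rationale is on record.
            rationale = exceptions.get((entry["file"], flag), "").strip()
            status = "documented-exception" if rationale else "violation"
            findings.append((entry["file"], flag, status))
    return findings

if __name__ == "__main__":
    for file, flag, status in audit(COMPILE_COMMANDS, REQUIRED_FLAGS, EXCEPTIONS):
        print(f"{status:22} {file:20} {flag}")
```

The check is textual: it does not model a later flag overriding an earlier one, so the result supports the reviewer rather than replacing the review.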
#### 5.2.X.x Mapping of mitigations to risk factors and security profiles
Mitigations satisfy technical requirements only when they mitigate the relevant risks appropriately. Risk factors are used to determine this. The tables below show which mitigations are appropriate to which use cases or security profiles, based on the risk factors determined in the risk assessment.
[Any other mitigations available]
| Risk factors        | Requires mitigations |
|---------------------|----------------------|
| all                 | SCFS                 |

| Security Profile    | Requires mitigations |
|---------------------|----------------------|
| all                 | SCFS                 |
> Copy-n-paste mitigation format
### 5.X.Y **TR-XXXX**:
_Description of high-level requirement in “shall” format._
#### 5.X.Y.Z **MI-XXXX**:
_Description of mitigation implementing the requirement in "shall" format._
* Applicability: (for requirements that depend on a feature)