mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-04-08 05:43:53 +00:00
b908814c74
Software supply chain attacks aim to inject malicious code into a software product. There are several ways a malicious code can be injected into a software product (open-source project). These include: - Malicious code commits - Malicious dependencies - Malicious toolchains This document provides analysis of software supply chain attack threats for the TF-A project Change-Id: I03545d65a38dc372f3868a16c725b7378640a771 Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
17 lines
388 B
ReStructuredText
17 lines
388 B
ReStructuredText
Threat Model
|
|
============
|
|
|
|
Threat modeling is an important part of Secure Development Lifecycle (SDL)
|
|
that helps us identify potential threats and mitigations affecting a system.
|
|
|
|
|
|
.. toctree::
|
|
:maxdepth: 1
|
|
:caption: Contents
|
|
|
|
firmware_threat_model/index
|
|
supply_chain_threat_model
|
|
|
|
--------------
|
|
|
|
*Copyright (c) 2021-2024, Arm Limited and Contributors. All rights reserved.*
|