diff options
| author |   Sebastien Douheret <sebastien.douheret@iot.bzh> | 2017-12-08 17:40:04 +0100 |
|---|---|---|
| committer | Sebastien Douheret <sebastien.douheret@iot.bzh> | 2017-12-08 17:40:35 +0100 |
| commit | df4bdd6e9e5669451e7f60ecdc5c9e0d25e3f726 (patch) | |
| tree | ab9ab609538816b61789ace9e5ad280cd1727a83 /security-blueprint/part-1 | |
| parent | 981e9b9c4a40e248733d45cfedc6a512bdf95f5e (diff) | |
Added templating for section-xxx tags.
Security Blueprint doc uses specific tags to display arrays
(see docs/security-blueprint/README.md)
Signed-off-by: Sebastien Douheret <sebastien.douheret@iot.bzh>
Diffstat (limited to 'security-blueprint/part-1')
| -rw-r--r-- | security-blueprint/part-1/0_Abstract.md | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/security-blueprint/part-1/0_Abstract.md b/security-blueprint/part-1/0_Abstract.md index 188c911..5664890 100644 --- a/security-blueprint/part-1/0_Abstract.md +++ b/security-blueprint/part-1/0_Abstract.md @@ -29,7 +29,7 @@ The board must store hardcoded cryptographic keys in order to verify among other the _integrity_ of the _bootloader_. Manufacturers can use **HSM** and **SHE** to enhance the security of their board. -<!-- config --> +<!-- section-config --> Domain | Object | Recommendations -------------------- | ---------- | ---------------------------------- @@ -37,7 +37,7 @@ Hardware-Integrity-1 | Bootloader | Must control bootloader integrity. Hardware-Integrity-2 | Board | Must use a HSM. Hardware-Integrity-3 | RTC | Must not be alterable. -<!-- endconfig --> +<!-- end-section-config --> -------------------------------------------------------------------------------- @@ -45,7 +45,7 @@ Hardware-Integrity-3 | RTC | Must not be alterable. ## Certificates -<!-- config --> +<!-- section-config --> Domain | Object | Recommendations ---------------------- | ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------- @@ -53,13 +53,13 @@ Hardware-Certificate-1 | System | Shall allow storing dedicated certificates. Hardware-Certificate-2 | ECU | The ECU must verify the certification authority hierarchy. Hardware-Certificate-3 | System | Allow the modification of certificates only if the source can be authenticated by a certificate already stored or in the higher levels of the chain of trust. -<!-- endconfig --> +<!-- end-section-config --> -------------------------------------------------------------------------------- ## Memory -<!-- config --> +<!-- section-config --> Domain | Object | Recommendations ----------------- | ---------- | ------------------------------------------------------------------------------------ @@ -67,4 +67,4 @@ Hardware-Memory-1 | ECU | The ECU shall never expose the unencrypted key Hardware-Memory-2 | Bootloader | Internal NVM only Hardware-Module-3 | - | HSM must be used to secure keys. -<!-- endconfig --> +<!-- end-section-config --> |