summaryrefslogtreecommitdiffstats
path: root/security-blueprint/part-1
diff options
context:
space:
mode:
Diffstat (limited to 'security-blueprint/part-1')
-rw-r--r--security-blueprint/part-1/0_Abstract.md12
1 files changed, 6 insertions, 6 deletions
diff --git a/security-blueprint/part-1/0_Abstract.md b/security-blueprint/part-1/0_Abstract.md
index 188c911..5664890 100644
--- a/security-blueprint/part-1/0_Abstract.md
+++ b/security-blueprint/part-1/0_Abstract.md
@@ -29,7 +29,7 @@ The board must store hardcoded cryptographic keys in order to verify among other
the _integrity_ of the _bootloader_. Manufacturers can use **HSM** and **SHE** to
enhance the security of their board.
-<!-- config -->
+<!-- section-config -->
Domain | Object | Recommendations
-------------------- | ---------- | ----------------------------------
@@ -37,7 +37,7 @@ Hardware-Integrity-1 | Bootloader | Must control bootloader integrity.
Hardware-Integrity-2 | Board | Must use a HSM.
Hardware-Integrity-3 | RTC | Must not be alterable.
-<!-- endconfig -->
+<!-- end-section-config -->
--------------------------------------------------------------------------------
@@ -45,7 +45,7 @@ Hardware-Integrity-3 | RTC | Must not be alterable.
## Certificates
-<!-- config -->
+<!-- section-config -->
Domain | Object | Recommendations
---------------------- | ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------
@@ -53,13 +53,13 @@ Hardware-Certificate-1 | System | Shall allow storing dedicated certificates.
Hardware-Certificate-2 | ECU | The ECU must verify the certification authority hierarchy.
Hardware-Certificate-3 | System | Allow the modification of certificates only if the source can be authenticated by a certificate already stored or in the higher levels of the chain of trust.
-<!-- endconfig -->
+<!-- end-section-config -->
--------------------------------------------------------------------------------
## Memory
-<!-- config -->
+<!-- section-config -->
Domain | Object | Recommendations
----------------- | ---------- | ------------------------------------------------------------------------------------
@@ -67,4 +67,4 @@ Hardware-Memory-1 | ECU | The ECU shall never expose the unencrypted key
Hardware-Memory-2 | Bootloader | Internal NVM only
Hardware-Module-3 | - | HSM must be used to secure keys.
-<!-- endconfig -->
+<!-- end-section-config -->