xref: /rk3399_ARM-atf/docs/threat_model/firmware_threat_model/index.rst (revision a4defaefe65379554f464e9cf2b4f4d9818740aa) 
1TF-A Firmware Threat Model
2==========================
3
4As the TF-A codebase is highly configurable to allow tailoring it best for each
5platform's needs, providing a holistic threat model covering all of its features
6is not necessarily the best approach. Instead, we provide a collection of
7documents which, together, form the project's threat model. These are
8articulated around a core document, called the :ref:`Generic Threat Model`,
9which focuses on the most common configuration we expect to see. The other
10documents typically focus on specific features not covered in the core document.
11
12As the TF-A codebase evolves and new features get added, these threat model
13documents will be updated and extended in parallel to reflect at best the
14current status of the code from a security standpoint.
15
16   .. note::
17
18      Although our aim is eventually to provide threat model material for all
19      features within the project, we have not reached that point yet. We expect
20      to gradually fill these gaps over time.
21
22      Also, when a non-trivial feature gets introduced into the code base, it is
23      often tagged as experimental for some period of time. Such experimental
24      features typically may not be formally threat-modelled until their design
25      and implementation stabilize. Therefore, these features are considered out
26      of scope of TF-A's threat model. See :ref:`Experimental features
27      definition` and :ref:`build_options_experimental` for more details.
28
29Each of these documents give a description of the target of evaluation using a
30data flow diagram, as well as a list of threats we have identified using the
31`STRIDE threat modeling technique`_ and corresponding mitigations.
32
33.. toctree::
34   :maxdepth: 1
35   :caption: Contents
36
37   threat_model
38   threat_model_el3_spm
39   threat_model_rse_interface
40   threat_model_arm_cca
41   threat_model_fw_update_and_recovery
42   threat_model_firmware_handoff
43
44--------------
45
46*Copyright (c) 2021-2025, Arm Limited and Contributors. All rights reserved.*
47
48.. _STRIDE threat modeling technique: https://docs.microsoft.com/en-us/azure/security/develop/threat-modeling-tool-threats#stride-model
49