.. # ******************************************************************************* # Copyright (c) 2025 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional # information regarding copyright ownership. # # This program and the accompanying materials are made available under the # terms of the Apache License Version 2.0 which is available at # https://www.apache.org/licenses/LICENSE-2.0 # # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* Security Package Formal Review Report ===================================== .. document:: Persistency Security Package Formal Review :id: doc__persistency_sec_pkg_fdr :status: valid :safety: ASIL_B :security: YES :realizes: wp__fdr_reports :tags: persistency **1. Purpose** The purpose of this review checklist is to report status of the formal review for the security package. **2. Checklist** .. list-table:: Security Package Checklist :header-rows: 1 * - Id - Security package activity - Compliant to ISO SAE 21434? - Comment * - 1 - Is a security package provided which matches the security plan (i.e. all planned work products referenced)? - [YES | NO ] - * - 2 - Is the argument how security is achieved, provided in the security package, plausible and sufficient? - NO - The argument is intentionally not provided by the Project. * - 3 - Are the referenced work products available? - [YES | NO ] - * - 4 - Are the referenced work products in released state, including the process security audit? - [YES | NO ] - Security audit is currently not planned, tailored out. * - 5 - If security related deviations from the process or security concept are documented, are these argued understandably? - [YES | NO ] - * - 6 - Are the requirements for post-development available? - [YES | NO ] -