Module Security Plan#

Persistency Security Plan		status: valid security: YES safety: ASIL_B
tags: persistency realizes: wp__module_security_plan

doc__persistency_security_plan		Generic Document

Security Management Context#

This Security Plan adds to the gd_guidl__security_plan_definitions all the module development relevant workproducts needed for ISO SAE 21434 conformity.

Security Management Scope#

This Security Plan’s scope is a SW module of the SW platform Persistency Documentation. The module consists of one or more SW components and will be qualified as a EooC.

Security Management Roles#

Table 8 Module roles#
Role	Assignee
Security Manager	Karthik Vanka
Module Project Manager (= Feature team lead)	TBD

Tailoring#

Additional to the tailoring in the SW platform project as defined in the gd_guidl__security_plan_definitions we define here the additional tailoring on module level.

- Excluded for this module are additionally the following workproducts (and their related requirements):

- No workproducts excluded

Security Module Workproducts#

Table 9 Module Workproducts#
Workproduct Id	Link to process	Process status	Link to issue	Link to WP	WP status
wp__module_security_plan	gd_guidl__security_plan_definitions	valid	<Link to issue>	this document	valid
wp__module_security_package	gd_guidl__security_package	valid	<Link to issue>	this document (including the linked documentation)	valid
wp__fdr_reports (module Security Plan)	gd_chklst__security_plan	valid	<Link to issue>	Persistency Security Plan F... (doc__persistency_security_plan_fdr)	valid
wp__fdr_reports (module Security Package)	gd_chklst__security_package	valid	<Link to issue>	Persistency Security Packag... (doc__persistency_sec_pkg_fdr)	valid
wp__fdr_reports (module’s Security Analyses)	gd_guidl__security_analysis	valid	<Link to issue>	<Link to WP>	<automated>
wp__audit_report_security	performed by external experts	n/a	<Link to issue>	<Link to WP>	<WP status (manual)>
wp__module_security_manual	gd_temp__platform_security_manual	valid	<Link to issue>	<Link to WP>	<automated>
wp__verification_module_ver_report	gd_temp__mod_ver_report	valid	<Link to issue>	<Link to WP>	<automated>
wp__module_sw_release_note	gd_temp__rel_mod_rel_note	valid	<Link to issue>	<Link to WP>	<automated>
wp__sw_module_sbom	template not yet created	not started	<Link to issue>	<Link to WP>	<automated>

Table 10 Component Workproducts#
Workproduct Id	Link to process	Process status	Link to issue	Link to WP	WP status
wp__requirements_comp	gd_temp__req_comp_req	valid	<Link to issue>	KVS Requirements (doc__kvs_requirements)	<automated>
wp__requirements_comp_aou	gd_temp__req_aou_req	valid	<Link to issue>	KVS Requirements (doc__kvs_requirements)	<automated>
wp__requirements_inspect	gd_chklst__req_inspection	valid	n/a	Checklist used in Pull Request Review	n/a
wp__component_arch	gd_temp__arch_comp	valid	<Link to issue>	KVS Module Architecture (doc__kvs_architecture)	<automated>
wp__sw_component_security_analysis	wp__sw_component_security_analysis	draft	<Link to issue>	<Link to WP>	<automated>
wp__sw_arch_verification	gd_chklst__arch_inspection_checklist	valid	<Link to issue>	Checklist used in Pull Request Review	<automated>
wp__sw_implementation	gd_guidl__implementation	valid	<Link to issue>	<Link to WP>	<automated>
wp__verification_sw_unit_test	gd_guidl__verification_guide	valid	<Link to issue>	<Link to WP>	<automated>
wp__sw_implementation_inspection	gd_chklst__impl_inspection_checklist	valid	<Link to issue>	Checklist used in Pull Request Review	<automated>
wp__verification_comp_int_test	gd_guidl__verification_guide	valid	<Link to issue>	<Link to WP>	<automated>

Special Note#

Module security plan template will be refined and existing content will be synchronized as per new template.