..
   # *******************************************************************************
   # Copyright (c) 2024 Contributors to the Eclipse Foundation
   #
   # See the NOTICE file(s) distributed with this work for additional
   # information regarding copyright ownership.
   #
   # This program and the accompanying materials are made available under the
   # terms of the Apache License Version 2.0 which is available at
   # https://www.apache.org/licenses/LICENSE-2.0
   #
   # SPDX-License-Identifier: Apache-2.0
   # *******************************************************************************

   # Some portions generated by Co-Pilot

.. _workflow_security_analysis:

Security Analysis Workflows
###########################

For a detailed explanation of workflows and their role within the process model, please refer to the :ref:`processes_introduction`.

Security analysis is used as an umbrella term.

.. workflow:: Analyze Platform
   :id: wf__analyse_sec_platform_featarch
   :status: valid
   :tags: security_analysis
   :responsible: rl__security_engineer
   :approved_by: rl__security_manager
   :supported_by: rl__contributor, rl__committer, rl__safety_manager
   :input: wp__requirements_feat, wp__feature_arch, wp__issue_track_system
   :output: wp__platform_security_analysis
   :contains: gd_guidl__sec_ana_threat_scenarios, gd_temp__plat_threat_scenario
   :has: doc_concept__security_analysis, doc_getstrt__security_analysis

   | With a platform Security Analysis the potential attack surfaces of features shall
   | be analyzed. It shall be used as an input for all other analysis.
   | There will be only one platform Security Analysis.

.. workflow:: Analyse Feature Architecture
   :id: wf__analyse_sec_featarch
   :status: draft
   :tags: security_analysis
   :responsible: rl__security_engineer
   :approved_by: rl__security_manager
   :supported_by: rl__contributor, rl__committer, rl__safety_manager
   :input: wp__requirements_feat, wp__feature_arch, wp__issue_track_system
   :output: wp__feature_security_analysis
   :contains: gd_guidl__sec_ana_threat_scenarios, gd_temp__feat_threat_scenario, gd_guidl__threat_models_stride, gd_temp__feat_sec_ana_threat
   :has: doc_concept__security_analysis, doc_getstrt__security_analysis

   | The Security Analysis for the feature is executed.

.. workflow:: Analyse Component Architecture
   :id: wf__analyse_sec_comparch
   :status: draft
   :tags: security_analysis
   :responsible: rl__security_engineer
   :approved_by: rl__security_manager
   :supported_by: rl__contributor, rl__committer, rl__safety_manager
   :input:  wp__requirements_comp, wp__component_arch, wp__issue_track_system
   :output: wp__sw_component_security_analysis
   :contains: gd_guidl__sec_ana_threat_scenarios, gd_temp__comp_threat_scenario, gd_guidl__threat_models_stride, gd_temp__comp_sec_ana_threat
   :has: doc_concept__security_analysis, doc_getstrt__security_analysis

   | The Security Analysis for the component is executed.

.. workflow:: Monitor Security Analysis
   :id: wf__mr_sec_analyses
   :status: draft
   :tags: security_analysis
   :responsible: rl__security_engineer
   :approved_by: rl__security_manager
   :supported_by: rl__contributor, rl__committer, rl__safety_manager
   :input: wp__platform_security_analysis, wp__feature_security_analysis, wp__sw_component_security_analysis
   :output: wp__verification_platform_ver_report, wp__issue_track_system, wp__verification_module_ver_report
   :contains: gd_guidl__sec_ana_threat_scenarios, gd_temp__feat_threat_scenario, gd_temp__comp_threat_scenario, gd_guidl__threat_models_stride, gd_temp__feat_sec_ana_threat, gd_temp__comp_sec_ana_threat
   :has: doc_concept__security_analysis, doc_getstrt__security_analysis

   | The Security Analyses are monitored.

.. workflow:: Verify Security Analysis
   :id: wf__vy_sec_analyses
   :status: draft
   :tags: security_analysis
   :responsible: rl__security_engineer
   :approved_by: rl__security_manager
   :supported_by: rl__contributor, rl__committer, rl__safety_manager
   :input: wp__platform_security_analysis, wp__feature_security_analysis, wp__sw_component_security_analysis
   :output: wp__verification_platform_ver_report, wp__verification_module_ver_report
   :contains: gd_guidl__sec_ana_threat_scenarios, gd_temp__feat_threat_scenario, gd_temp__comp_threat_scenario, gd_guidl__threat_models_stride, gd_temp__feat_sec_ana_threat, gd_temp__comp_sec_ana_threat, gd_chklst__security_analysis
   :has: doc_concept__security_analysis, doc_getstrt__security_analysis

   | The Security Analyses are verified. The verification criteria is that it can be
   | proven that the security requirements for functions and the corresponding security
   | monitoring are not violated.


RAS(IC) for Security Analysis
*****************************


.. needtable:: RASIC Overview for Security Analysis
   :tags: security_analysis
   :filter: "security_analysis" in tags and type == "workflow" and is_external == False
   :style: table
   :sort: status
   :columns: id as "Activity";responsible as "Responsible";approved_by as "Approver";supported_by as "Supporter"
   :colwidths: 30,30,30,30