Security Analysis Workflows

For a detailed explanation of workflows and their role within the process model, please refer to the Introduction.

Security analysis is used as an umbrella term.

Analyze Platform		status: valid
tags: security_analysis contains: gd_guidl__sec_ana_threat_scenarios, gd_temp__plat_threat_scenario has: doc_concept__security_analysis, doc_getstrt__security_analysis needs input: wp__requirements_feat, wp__feature_arch, wp__issue_track_system outputs: wp__platform_security_analysis responsible: rl__security_engineer approved by: rl__security_manager supported by: rl__contributor, rl__committer, rl__safety_manager satisfied by: gd_req__sec_structure, gd_req__sec_attr_uid, gd_req__sec_attr_title, gd_req__sec_attr_mitigated_by, gd_req__sec_attr_mitigation_issue, gd_req__sec_attr_sufficient, gd_req__sec_argument, gd_req__sec_attr_status, gd_req__sec_attr_teffect, gd_req__sec_linkage_check, gd_req__sec_linkage, gd_req__sec_attr_requirements_check, gd_req__sec_attr_requirements, gd_req__sec_attr_aou, gd_req__sec_attr_ver, gd_req__sec_linkage_status_check, gd_req__sec_attr_mandatory, gd_req__sec_linkage_security, gd_req__sec_finalization_check, gd_req__sec_attr_threat_scenario_id
With a platform Security Analysis the potential attack surfaces of features shall be analyzed. It shall be used as an input for all other analysis. There will be only one platform Security Analysis.
wf__analyse_sec_platform_featarch		Workflow

Analyse Feature Architecture		status: draft
tags: security_analysis contains: gd_guidl__sec_ana_threat_scenarios, gd_temp__feat_threat_scenario, gd_guidl__threat_models_stride, gd_temp__feat_sec_ana_threat has: doc_concept__security_analysis, doc_getstrt__security_analysis needs input: wp__requirements_feat, wp__feature_arch, wp__issue_track_system outputs: wp__feature_security_analysis responsible: rl__security_engineer approved by: rl__security_manager supported by: rl__contributor, rl__committer, rl__safety_manager satisfied by: gd_req__sec_structure, gd_req__sec_attr_uid, gd_req__sec_attr_title, gd_req__sec_attr_mitigated_by, gd_req__sec_attr_mitigation_issue, gd_req__sec_attr_sufficient, gd_req__sec_argument, gd_req__sec_attr_status, gd_req__sec_attr_teffect, gd_req__sec_linkage_check, gd_req__sec_linkage, gd_req__sec_attr_requirements_check, gd_req__sec_attr_requirements, gd_req__sec_attr_aou, gd_req__sec_attr_ver, gd_req__sec_linkage_status_check, gd_req__sec_attr_mandatory, gd_req__sec_linkage_security, gd_req__sec_finalization_check, gd_req__sec_attr_threat_scenario_id, gd_req__sec_attr_stride_threat_id
The Security Analysis for the feature is executed.
wf__analyse_sec_featarch		Workflow

Analyse Component Architecture		status: draft
tags: security_analysis contains: gd_guidl__sec_ana_threat_scenarios, gd_temp__comp_threat_scenario, gd_guidl__threat_models_stride, gd_temp__comp_sec_ana_threat has: doc_concept__security_analysis, doc_getstrt__security_analysis needs input: wp__requirements_comp, wp__component_arch, wp__issue_track_system outputs: wp__sw_component_security_analysis responsible: rl__security_engineer approved by: rl__security_manager supported by: rl__contributor, rl__committer, rl__safety_manager satisfied by: gd_req__sec_structure, gd_req__sec_attr_uid, gd_req__sec_attr_title, gd_req__sec_attr_mitigated_by, gd_req__sec_attr_mitigation_issue, gd_req__sec_attr_sufficient, gd_req__sec_argument, gd_req__sec_attr_status, gd_req__sec_attr_teffect, gd_req__sec_linkage_check, gd_req__sec_linkage, gd_req__sec_attr_requirements_check, gd_req__sec_attr_requirements, gd_req__sec_attr_aou, gd_req__sec_attr_ver, gd_req__sec_linkage_status_check, gd_req__sec_attr_mandatory, gd_req__sec_linkage_security, gd_req__sec_finalization_check, gd_req__sec_attr_threat_scenario_id, gd_req__sec_attr_stride_threat_id
The Security Analysis for the component is executed.
wf__analyse_sec_comparch		Workflow

Monitor Security Analysis		status: draft
tags: security_analysis contains: gd_guidl__sec_ana_threat_scenarios, gd_temp__feat_threat_scenario, gd_temp__comp_threat_scenario, gd_guidl__threat_models_stride, gd_temp__feat_sec_ana_threat, gd_temp__comp_sec_ana_threat has: doc_concept__security_analysis, doc_getstrt__security_analysis needs input: wp__platform_security_analysis, wp__feature_security_analysis, wp__sw_component_security_analysis outputs: wp__verification_platform_ver_report, wp__issue_track_system, wp__verification_module_ver_report responsible: rl__security_engineer approved by: rl__security_manager supported by: rl__contributor, rl__committer, rl__safety_manager
The Security Analyses are monitored.
wf__mr_sec_analyses		Workflow

Verify Security Analysis		status: draft
tags: security_analysis contains: gd_guidl__sec_ana_threat_scenarios, gd_temp__feat_threat_scenario, gd_temp__comp_threat_scenario, gd_guidl__threat_models_stride, gd_temp__feat_sec_ana_threat, gd_temp__comp_sec_ana_threat, gd_chklst__security_analysis has: doc_concept__security_analysis, doc_getstrt__security_analysis needs input: wp__platform_security_analysis, wp__feature_security_analysis, wp__sw_component_security_analysis outputs: wp__verification_platform_ver_report, wp__verification_module_ver_report responsible: rl__security_engineer approved by: rl__security_manager supported by: rl__contributor, rl__committer, rl__safety_manager
The Security Analyses are verified. The verification criteria is that it can be proven that the security requirements for functions and the corresponding security monitoring are not violated.
wf__vy_sec_analyses		Workflow

RAS(IC) for Security Analysis

RASIC Overview for Security Analysis

Activity	Responsible	Approver	Supporter
wf__analyse_sec_featarch	rl__security_engineer	rl__security_manager	rl__contributor; rl__committer; rl__safety_manager
wf__analyse_sec_comparch	rl__security_engineer	rl__security_manager	rl__contributor; rl__committer; rl__safety_manager
wf__mr_sec_analyses	rl__security_engineer	rl__security_manager	rl__contributor; rl__committer; rl__safety_manager
wf__vy_sec_analyses	rl__security_engineer	rl__security_manager	rl__contributor; rl__committer; rl__safety_manager
wf__analyse_sec_platform_featarch	rl__security_engineer	rl__security_manager	rl__contributor; rl__committer; rl__safety_manager