Module Security Plan Template#
Module Security Plan Template
|
status: valid
|
||||||||
Will be moved to Folder Templates (tbd eclipse-score/process_description#109) For the content see here: need:doc__module_name_security_plan Will also adapted to the latest Safety Plan Template 1. Security Management Context
This Security Plan adds to the Concept Description all the module development relevant work products needed for ISO SAE 21434 conformity.
2. Security Management Scope
This Security Plan’s scope is a SW module of the SW platform <link to module documentation in platform/modules/<modulename>/index.rst>.
The module consists of one or more SW components and will be qualified as a EooC.
3. Security Management Roles
4. Tailoring
Additional to the tailoring in the SW platform project as defined in the Concept Description we define here the additional tailoring on module level.
- Excluded for this module are additionally the following work products (and their related requirements):
- <ISO SAE 21434 reference>: <work product/requirement> - <Argumentation why it is not needed or replaced by another work product or activity.>
5. Security Module Work Products
One set of work products for the module and one set for each component of the module:
|
|||||||||
Work Product Id |
Link to process |
Process status |
Link to issue |
Link to WP |
WP status |
|---|---|---|---|---|---|
<automated> |
<Link to issue> |
this document |
see above |
||
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
||
Formal Document Review Reports (wp__fdr_reports) (module Security Plan) |
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
|
Formal Document Review Reports (wp__fdr_reports) (module Security Package) |
Security Package Formal Review Checklist (gd_chklst__security_package) |
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
Formal Document Review Reports (wp__fdr_reports) (module’s Security Analyses) |
Security Analysis FDR tbd |
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
performed by external experts |
n/a |
<Link to issue> |
<Link to WP> |
<WP status (manual)> |
|
Software Development Plan Template (gd_temp__software_development_plan) |
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
|
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
||
Module Verification Report (wp__verification_module_ver_report) |
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
|
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
||
not started |
<Link to issue> |
<Link to WP> |
<automated> |
Work Product Id |
Link to process |
Process status |
Link to issue |
Link to WP |
WP status |
|---|---|---|---|---|---|
<Link to process> |
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
|
<Link to process> |
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
|
<Link to process> |
<automated> |
n/a |
Checklist used in Pull Request Review |
n/a |
|
<Link to process> |
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
|
Component Security Analysis (wp__sw_component_security_analysis) |
<Link to process> |
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
<Link to process> |
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
|
<Link to process> |
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
|
<Link to process> |
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
|
Implementation Inspection (wp__sw_implementation_inspection) |
<Link to process> |
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |
<Link to process> |
<automated> |
<Link to issue> |
<Link to WP> |
<automated> |