5 https://raw.githubusercontent.com/automotive-grade-linux/docs-sources/master/docs/security-blueprint/annexes/ConfigNotes.md
8 <!-- WARNING: This file is generated by fetch_docs.js using /home/boron/Documents/AGL/docs-webtemplate/site/_data/tocs/architecture/master/security_blueprint-security-blueprint-book.yml -->
11 <!-- section-config -->
13 Domain | Object | Recommendations
14 -------------------- | ---------- | ----------------------------------
15 Hardware-Integrity-1 | Bootloader | Must control bootloader integrity.
16 Hardware-Integrity-2 | Board | Must use a HSM.
17 Hardware-Integrity-3 | RTC | Must not be alterable.
19 Domain | Object | Recommendations
20 ---------------------- | ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------
21 Hardware-Certificate-1 | System | Shall allow storing dedicated certificates.
22 Hardware-Certificate-2 | ECU | The ECU must verify the certification authority hierarchy.
23 Hardware-Certificate-3 | System | Allow the modification of certificates only if the source can be authenticated by a certificate already stored or in the higher levels of the chain of trust.
25 Domain | Object | Recommendations
26 ----------------- | ---------- | ------------------------------------------------------------------------------------
27 Hardware-Memory-1 | ECU | The ECU shall never expose the unencrypted key in RAM when using cryptographic keys.
28 Hardware-Memory-2 | Bootloader | Internal NVM only
29 Hardware-Module-3 | - | HSM must be used to secure keys.
31 Domain | _Variable_ / `Config` name | `Value`
32 ---------------------- | -------------------------- | -------
33 Boot-Image-Selection-1 | `CONFIG_BOOTDELAY` | `-2`
34 Boot-Image-Selection-2 | _bootdelay_ | `-2`
36 Domain | `Config` name | _State_
37 ------------------------- | ---------------------------- | --------
38 Boot-Image-Authenticity-1 | `CONFIG_FIT` | _Enable_
39 Boot-Image-Authenticity-2 | `CONFIG_FIT_SIGNATURE` | _Enable_
40 Boot-Image-Authenticity-3 | `CONFIG_RSA` | _Enable_
41 Boot-Image-Authenticity-4 | `CONFIG_OF_CONTROL` | _Enable_
42 Boot-Image-Authenticity-5 | `CONFIG_OF_SEPARATE` | _Enable_
43 Boot-Image-Authenticity-6 | `CONFIG_DEFAULT_DEVICE_TREE` | _Enable_
45 Domain | Communication modes | _State_
46 -------------------- | ------------------------- | --------------------------------------------------------------------------------------------------------------------------------------
47 Boot-Communication-1 | `USB` | _Disabled_ and _Compiled-out_ if not required.
48 Boot-Communication-2 | `USB` | Else, Kernel should be configured to only enable the minimum required USB devices and filesystems should be treated with special care.
49 Boot-Communication-3 | `Ethernet` | _Disabled_
50 Boot-Communication-4 | U-boot and sboot `DOCSIS` | _Disabled_
51 Boot-Communication-5 | `Serial ports` | _Disabled_
53 Domain | `Config` name | _State_
54 ------------------------ | ----------------------- | -------------
55 Boot-Communication-USB-1 | `CONFIG_CMD_USB` | _Not defined_
56 Boot-Communication-USB-2 | `CONFIG_USB_UHCI` | _Not defined_
57 Boot-Communication-USB-3 | `CONFIG_USB_KEYBOARD` | _Not defined_
58 Boot-Communication-USB-4 | `CONFIG_USB_STORAGE` | _Not defined_
59 Boot-Communication-USB-5 | `CONFIG_USB_HOST_ETHER` | _Not defined_
61 Domain | Communication modes | _State_
62 -------------------- | -------------------- | ---------------------------------------------------------------------------------------------
63 Boot-Communication-1 | `Network interfaces` | Preferably _no network interface is allowed_, otherwise, restrict the services to those used.
65 Domain | Object | Recommendations
66 -------------------- | --------------------------------- | -------------------------------------------------------------
67 Boot-Communication-1 | `Services`, `ports` and `devices` | Restrict the `services`, `ports` and `devices` to those used.
69 Domain | `Command` name | _State_
70 -------------------------- | -------------- | ---------
71 Boot-Communication-Flash-1 | `do_nand` | _Disable_
73 Domain | `Config` name | `Value`
74 ---------------------- | --------------------------------------- | ---------
75 Boot-Consoles-Serial-1 | `CONFIG_SILENT_CONSOLE` | `Disable`
76 Boot-Consoles-Serial-2 | `CONFIG_SYS_DEVICE_NULLDEV` | `Disable`
77 Boot-Consoles-Serial-3 | `CONFIG_SILENT_CONSOLE_UPDATE_ON_RELOC` | `Disable`
79 Domain | `Environment variable` name | _State_
80 ---------------------- | --------------------------- | -------------
81 Boot-Consoles-Serial-1 | `INC_DEBUG_PRINT` | _Not defined_
83 Domain | `Config` name | _State_
84 -------------------------- | ---------------------------- | ---------
85 Boot-Consoles-Variables-1 | `CONFIG_ENV_IS_IN_MMC` | `#undef`
86 Boot-Consoles-Variables-2 | `CONFIG_ENV_IS_IN_EEPROM` | `#undef`
87 Boot-Consoles-Variables-3 | `CONFIG_ENV_IS_IN_FLASH` | `#undef`
88 Boot-Consoles-Variables-4 | `CONFIG_ENV_IS_IN_DATAFLASH` | `#undef`
89 Boot-Consoles-Variables-5 | `CONFIG_ENV_IS_IN_FAT` | `#undef`
90 Boot-Consoles-Variables-6 | `CONFIG_ENV_IS_IN_NAND` | `#undef`
91 Boot-Consoles-Variables-7 | `CONFIG_ENV_IS_IN_NVRAM` | `#undef`
92 Boot-Consoles-Variables-8 | `CONFIG_ENV_IS_IN_ONENAND` | `#undef`
93 Boot-Consoles-Variables-9 | `CONFIG_ENV_IS_IN_SPI_FLASH` | `#undef`
94 Boot-Consoles-Variables-10 | `CONFIG_ENV_IS_IN_REMOTE` | `#undef`
95 Boot-Consoles-Variables-11 | `CONFIG_ENV_IS_IN_UBI` | `#undef`
96 Boot-Consoles-Variables-12 | `CONFIG_ENV_IS_NOWHERE` | `#define`
98 Domain | `Command` name | _State_
99 ----------------------- | -------------- | ----------
100 Boot-Consoles-MemDump-1 | `md` | _Disabled_
101 Boot-Consoles-MemDump-2 | `mm` | _Disabled_
102 Boot-Consoles-MemDump-3 | `nm` | _Disabled_
103 Boot-Consoles-MemDump-4 | `mw` | _Disabled_
104 Boot-Consoles-MemDump-5 | `cp` | _Disabled_
105 Boot-Consoles-MemDump-6 | `mwc` | _Disabled_
106 Boot-Consoles-MemDump-7 | `mdc` | _Disabled_
107 Boot-Consoles-MemDump-8 | `mtest` | _Disabled_
108 Boot-Consoles-MemDump-9 | `loopw` | _Disabled_
110 Domain | `Config` name | `Value`
111 -------------------- | -------------- | --------------------------------------
112 Kernel-General-MAC-1 | CONFIG_IP_NF_SECURITY | m
113 Kernel-General-MAC-2 | CONFIG_IP6_NF_SECURITY | m
114 Kernel-General-MAC-3 | CONFIG_EXT2_FS_SECURITY | y
115 Kernel-General-MAC-4 | CONFIG_EXT3_FS_SECURITY | y
116 Kernel-General-MAC-5 | CONFIG_EXT4_FS_SECURITY | y
117 Kernel-General-MAC-6 | CONFIG_SECURITY | y
118 Kernel-General-MAC-7 | CONFIG_SECURITY_SMACK | y
119 Kernel-General-MAC-8 | CONFIG_TMPFS_XATTR | y
121 Domain | `Config` name | `Value`
122 ---------------------- | -------------- | -------
123 Kernel-General-kexec-1 | `CONFIG_KEXEC` | `n`
125 Domain | `Config` name | `Value`
126 --------------------------- | --------------- | -------
127 Kernel-General-IPAutoConf-1 | `CONFIG_IP_PNP` | `n`
129 Domain | `Config` name | `Value`
130 ------------------------------- | ----------------------- | -------
131 Kernel-General-SysCtl_SysCall-1 | `CONFIG_SYSCTL_SYSCALL` | `n`
133 Domain | `Config` name | `Value`
134 ---------------------------- | --------------- | -------
135 Kernel-General-LegacyLinux-1 | `CONFIG_USELIB` | `n`
137 Domain | `Config` name | `Value`
138 --------------------------- | ------------------------------ | -------
139 Kernel-General-FirmHelper-1 | `CONFIG_FW_LOADER_USER_HELPER` | `n`
141 Domain | `Config` name | `Value`
142 ---------------------------- | ---------------------- | -------
143 Kernel-General-PanicOnOOPS-1 | `CONFIG_PANIC_ON_OOPS` | `y`
145 Domain | `Config` name | `Value`
146 -------------------------- | -------------------- | -------
147 Kernel-General-SocketMon-1 | `CONFIG_PACKET_DIAG` | `n`
148 Kernel-General-SocketMon-2 | `CONFIG_UNIX_DIAG` | `n`
150 Domain | `Config` name | `Value`
151 ------------------------ | ---------------- | -------
152 Kernel-General-BPF_JIT-1 | `CONFIG_BPF_JIT` | `n`
154 Domain | `Config` name | `Value`
155 ------------------------------ | ------------------------- | -------
156 Kernel-General-ModuleSigning-1 | `CONFIG_MODULE_SIG_FORCE` | `y`
158 Domain | `Variable` name | `Value`
159 ------------------------------ | ------------------------- | -------
160 Kernel-General-ModuleSigning-2 | `kernel.modules_disabled` | `1`
162 Domain | Object | _State_
163 ------------------------ | ------------------- | ----------
164 Kernel-General-Drivers-1 | `USB` | _Disabled_
165 Kernel-General-Drivers-2 | `PCMCIA` | _Disabled_
166 Kernel-General-Drivers-3 | Other `hotplug` bus | _Disabled_
168 Domain | `compiler` and `linker` options | _State_
169 -------------------------------- | ------------------------------- | --------
170 Kernel-General-IndependentExec-1 | `-pie -fpic` | _Enable_
172 Domain | `compiler` and `linker` options | _State_
173 --------------------------------- | ------------------------------- | --------
174 Kernel-General-OverwriteAttacks-1 | `-z,relro` | _Enable_
175 Kernel-General-OverwriteAttacks-2 | `-z,now` | _Enable_
177 Domain | Object | Recommendations
178 ------------------------------- | --------------- | --------------------------------
179 Kernel-General-LibraryLinking-1 | Dynamic linking | Should generally not be allowed.
181 Domain | `Config` name | `Value`
182 ------------------------------ | ---------------- | -------
183 Kernel-Memory-RestrictAccess-1 | `CONFIG_DEVKMEM` | `n`
185 Domain | `Config` name | `Value`
186 ------------------------ | ------------------- | -------
187 Kernel-Memory-CoreDump-1 | `CONFIG_PROC_KCORE` | `n`
189 Domain | `Config` name | `Value`
190 -------------------- | ------------- | -------
191 Kernel-Memory-Swap-1 | `CONFIG_SWAP` | `n`
193 Domain | `Config` name | `Value`
194 ------------------------------ | --------------------- | -------
195 Kernel-Memory-LoadAllSymbols-1 | `CONFIG_KALLSYMS` | `n`
196 Kernel-Memory-LoadAllSymbols-2 | `CONFIG_KALLSYMS_ALL` | `n`
198 Domain | `Config` name | `Value`
199 --------------------- | -------------------------- | -------
200 Kernel-Memory-Stack-1 | `CONFIG_CC_STACKPROTECTOR` | `y`
202 Domain | `Config` name | `Value`
203 ---------------------- | --------------- | -------
204 Kernel-Memory-Access-1 | `CONFIG_DEVMEM` | `n`
206 Domain | `Config` name | `Value`
207 ------------------------------ | --------------------- | -------
208 Kernel-Memory-CrossMemAttach-1 | `CROSS_MEMORY_ATTACH` | `n`
210 Domain | `compiler` and `linker` options | _State_
211 ----------------------------- | ------------------------------- | --------
212 Kernel-Memory-StackSmashing-1 | `-fstack-protector-all` | _Enable_
214 Domain | `compiler` options and `config` name | `Value`
215 ------------------------------- | ------------------------------------ | -------
216 Kernel-Memory-BufferOverflows-1 | `-D_FORTIFY_SOURCE` | `2`
217 Kernel-Memory-BufferOverflows-2 | `CONFIG_FORTIFY_SOURCE` | `y`
219 Domain | `Config` name | `Value`
220 ------------------------ | ---------------------------- | -------
221 Kernel-Consoles-Serial-1 | `CONFIG_SERIAL_8250` | `n`
222 Kernel-Consoles-Serial-2 | `CONFIG_SERIAL_8250_CONSOLE` | `n`
223 Kernel-Consoles-Serial-3 | `CONFIG_SERIAL_CORE` | `n`
224 Kernel-Consoles-Serial-4 | `CONFIG_SERIAL_CORE_CONSOLE` | `n`
226 Domain | `Config` name | `Value`
227 ----------------------------- | ------------------------- | -----------------------------------
228 Kernel-Consoles-CommandLine-1 | `CONFIG_CMDLINE_BOOL` | `y`
229 Kernel-Consoles-CommandLine-2 | `CONFIG_CMDLINE` | `"insert kernel command line here"`
230 Kernel-Consoles-CommandLine-3 | `CONFIG_CMDLINE_OVERRIDE` | `y`
232 Domain | `Config` name | `Value`
233 ---------------------- | ------------- | -------
234 Kernel-Consoles-KDBG-1 | `CONFIG_KGDB` | `n`
236 Domain | `Config` name | `Value`
237 ----------------------- | -------------------- | -------
238 Kernel-Consoles-SysRQ-1 | `CONFIG_MAGIC_SYSRQ` | `n`
240 Domain | `Config` name | `Value`
241 ------------------------------ | -------------------- | -------
242 Kernel-Consoles-BinaryFormat-1 | `CONFIG_BINFMT_MISC` | `n`
244 Domain | `Config` name | `Value`
245 ---------------------- | ------------------- | -------
246 Kernel-Debug-Symbols-1 | `CONFIG_DEBUG_INFO` | `n`
248 Domain | `Config` name | `Value`
249 ---------------------- | ---------------- | -------
250 Kernel-Debug-Kprobes-1 | `CONFIG_KPROBES` | `n`
252 Domain | `Config` name | `Value`
253 ---------------------- | --------------- | -------
254 Kernel-Debug-Tracing-1 | `CONFIG_FTRACE` | `n`
256 Domain | `Config` name | `Value`
257 ------------------------ | ------------------ | -------
258 Kernel-Debug-Profiling-1 | `CONFIG_OPROFILE` | `n`
259 Kernel-Debug-Profiling-2 | `CONFIG_PROFILING` | `n`
261 Domain | `Config` name | `Value`
262 ------------------------ | ------------------------- | -------
263 Kernel-Debug-OOPSOnBUG-1 | `CONFIG_DEBUG_BUGVERBOSE` | `n`
265 Domain | `Config` name | `Value`
266 ------------------ | --------------------- | -------
267 Kernel-Debug-Dev-1 | `CONFIG_DEBUG_KERNEL` | `n`
268 Kernel-Debug-Dev-2 | `CONFIG_EMBEDDED` | `n`
270 Domain | `Config` name | `Value`
271 ------------------------- | ----------------- | -------
272 Kernel-Debug-FileSystem-1 | `CONFIG_DEBUG_FS` | `n`
274 Domain | `Config` name | `Value`
275 ------------------ | ------------- | -------
276 Kernel-Debug-BUG-1 | `CONFIG_BUG` | `n`
278 Domain | `Config` name | `Value`
279 ------------------------ | ----------------- | -------
280 Kernel-Debug-CoreDumps-1 | `CONFIG_COREDUMP` | `n`
282 Domain | `File` name | `Value`
283 ---------------------------- | -------------------------------- | -------
284 Kernel-Debug-AdressDisplay-1 | `/proc/sys/kernel/kptr_restrict` | `1`
286 Domain | `File` or `Directorie` name | _State_
287 ---------------------------- | --------------------------- | -----------------------------
288 Kernel-Debug-AdressDisplay-1 | `/boot/vmlinuz*` | _Readable Only for root user_
289 Kernel-Debug-AdressDisplay-2 | `/boot/System.map*` | _Readable Only for root user_
290 Kernel-Debug-AdressDisplay-3 | `/sys/kernel/debug/` | _Readable Only for root user_
291 Kernel-Debug-AdressDisplay-4 | `/proc/slabinfo` | _Readable Only for root user_
293 Domain | `File` name | `Value`
294 -------------------- | --------------------------------- | -------
295 Kernel-Debug-DMESG-1 | `/proc/sys/kernel/dmesg_restrict` | `1`
297 Domain | `Config` name | `Value`
298 --------------------- | ----------------- | -------
299 Kernel-Debug-Config-1 | `CONFIG_IKCONFIG` | `n`
301 Domain | `Config` name | `Value`
302 ------------------------ | --------------- | -------
303 Kernel-FileSystems-NFS-1 | `CONFIG_NFSD` | `n`
304 Kernel-FileSystems-NFS-2 | `CONFIG_NFS_FS` | `n`
306 Domain | `Partition` | `Value`
307 -------------------------- | ------------------- | -----------------------------------------------------------------
308 Kernel-FileSystems-Mount-1 | `/boot` | `nosuid`, `nodev` and `noexec`.
309 Kernel-FileSystems-Mount-2 | `/var` & `/tmp` | In `/etc/fstab` or `vfstab`, add `nosuid`, `nodev` and `noexec`.
310 Kernel-FileSystems-Mount-3 | _Non-root local_ | If type is `ext2` or `ext3` and mount point not '/', add `nodev`.
311 Kernel-FileSystems-Mount-4 | _Removable storage_ | Add `nosuid`, `nodev` and `noexec`.
312 Kernel-FileSystems-Mount-5 | _Temporary storage_ | Add `nosuid`, `nodev` and `noexec`.
313 Kernel-FileSystems-Mount-6 | `/dev/shm` | Add `nosuid`, `nodev` and `noexec`.
314 Kernel-FileSystems-Mount-7 | `/dev` | Add `nosuid` and `noexec`.
316 Domain | `Config` name | _State_ or `Value`
317 -------------------------- | ----------------------- | -----------------------------------------------------------------------
318 Kernel-FileSystems-Mount-1 | `CONFIG_DEVTMPFS_MOUNT` | _Disabled_ or add remount with `noexec` and `nosuid` to system startup.
320 Domain | `Label` name | Recommendations
321 ------------------ | ------------ | -----------------------------------------------------------
322 Kernel-MAC-Floor-1 | `^` | Only for privileged system services.
323 Kernel-MAC-Floor-2 | `*` | Used for device files or `/tmp` Access restriction via DAC.
325 Domain | `Label` name | Recommendations
326 ------------------- | ---------------- | -------------------------------------------------------------------------------------------------------------
327 Kernel-MAC-System-1 | `System` | Process should write only to file with transmute attribute.
328 Kernel-MAC-System-2 | `System::run` | Files are created with the directory label from user and system domain (transmute) Lock is implicit with `w`.
329 Kernel-MAC-System-3 | `System::Shared` | Files are created with the directory label from system domain (transmute) User domain has locked privilege.
330 Kernel-MAC-System-4 | `System::Log` | Some limitation may impose to add `w` to enable append.
331 Kernel-MAC-System-5 | `System::Sub` | Isolation of risky Subsystem.
333 Domain | `Label` name | Recommendations
334 ------------------- | ------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------
335 Kernel-MAC-System-1 | `User::Pkg::$AppID` | Only one Label is allowed per App. A data directory is created by the AppFw in `rwx` mode.
336 Kernel-MAC-System-2 | `User::Home` | AppFw needs to create a directory in `/home/$USER/App-Shared` at first launch if not present with label app-data access is `User::App-Shared` without transmute.
337 Kernel-MAC-System-3 | `User::App-Shared` | Shared space between all App running for a given user.
339 Domain | Object | Recommendations
340 ------------------ | -------------- | ------------------------------------
341 Platform-SystemD-1 | Security model | Use Namespaces for containerization.
342 Platform-SystemD-2 | Security model | Use CGroups to organise processes.
344 Domain | Object | Recommendations
345 --------------- | -------------- | ------------------------------------
346 Platform-DBus-1 | Security model | Use D-Bus as IPC.
347 Platform-DBus-2 | Security model | Apply D-BUS security patches: [D-Bus CVE](https://www.cvedetails.com/vulnerability-list/vendor_id-13442/D-bus-Project.html)
349 Domain | `Tool` name | _State_
350 -------------------- | ----------- | -------
351 Platform-Utilities-1 | `connman` | _Used_ as a connection manager.
352 Platform-Utilities-2 | `bluez` | _Used_ as a Bluetooth manager.
353 Platform-Utilities-3 | `gstreamer` | _Used_ to manage multimedia file format.
354 Platform-Utilities-4 | `alsa` | _Used_ to provides an API for sound card device drivers.
356 Domain | Object | Recommendations
357 ---------------------- | -------------- | --------------------------------
358 Platform-AGLFw-AppFw-1 | Security model | Use the AppFw as Security model.
360 Domain | Object | Recommendations
361 ----------------------- | ----------- | -------------------------------------
362 Platform-AGLFw-Cynara-1 | Permissions | Use Cynara as policy-checker service.
364 Domain | `Tool` name | _State_
365 -------------------- | ----------- | ----------------------------------------------------------------------
366 Platform-Utilities-1 | `busybox` | _Used_ to provide a number of tools. Do not compile development tools.
368 Domain | `Utility` name and normal `path` | _State_
369 --------------------- | ---------------------------------------------------- | ----------
370 Platform-Utilities-1 | `chgrp` in `/bin/chgrp` | _Disabled_
371 Platform-Utilities-2 | `chmod` in `/bin/chmod` | _Disabled_
372 Platform-Utilities-3 | `chown` in `/bin/chown` | _Disabled_
373 Platform-Utilities-4 | `dmesg` in `/bin/dmesg` | _Disabled_
374 Platform-Utilities-5 | `Dnsdomainname` in `/bin/dnsdomainname` | _Disabled_
375 Platform-Utilities-6 | `dropbear`, Remove "dropbear" from `/etc/init.d/rcs` | _Disabled_
376 Platform-Utilities-7 | `Editors` in (vi) `/bin/vi` | _Disabled_
377 Platform-Utilities-8 | `find` in `/bin/find` | _Disabled_
378 Platform-Utilities-9 | `gdbserver` in `/bin/gdbserver` | _Disabled_
379 Platform-Utilities-10 | `hexdump` in `/bin/hexdump` | _Disabled_
380 Platform-Utilities-11 | `hostname` in `/bin/hostname` | _Disabled_
381 Platform-Utilities-12 | `install` in `/bin/install` | _Disabled_
382 Platform-Utilities-13 | `iostat` in `/bin/iostat` | _Disabled_
383 Platform-Utilities-14 | `killall` in `/bin/killall` | _Disabled_
384 Platform-Utilities-15 | `klogd` in `/sbin/klogd` | _Disabled_
385 Platform-Utilities-16 | `logger` in `/bin/logger` | _Disabled_
386 Platform-Utilities-17 | `lsmod` in `/sbin/lsmod` | _Disabled_
387 Platform-Utilities-18 | `pmap` in `/bin/pmap` | _Disabled_
388 Platform-Utilities-19 | `ps` in `/bin/ps` | _Disabled_
389 Platform-Utilities-20 | `ps` in `/bin/ps` | _Disabled_
390 Platform-Utilities-21 | `rpm` in `/bin/rpm` | _Disabled_
391 Platform-Utilities-22 | `SSH` | _Disabled_
392 Platform-Utilities-23 | `stbhotplug` in `/sbin/stbhotplug` | _Disabled_
393 Platform-Utilities-24 | `strace` in `/bin/trace` | _Disabled_
394 Platform-Utilities-25 | `su` in `/bin/su` | _Disabled_
395 Platform-Utilities-26 | `syslogd` in (logger) `/bin/logger` | _Disabled_
396 Platform-Utilities-27 | `top` in `/bin/top` | _Disabled_
397 Platform-Utilities-28 | `UART` in `/proc/tty/driver/` | _Disabled_
398 Platform-Utilities-29 | `which` in `/bin/which` | _Disabled_
399 Platform-Utilities-30 | `who` and `whoami` in `/bin/whoami` | _Disabled_
400 Platform-Utilities-31 | `awk` (busybox) | _Enabled_
401 Platform-Utilities-32 | `cut` (busybox) | _Enabled_
402 Platform-Utilities-33 | `df` (busybox) | _Enabled_
403 Platform-Utilities-34 | `echo` (busybox) | _Enabled_
404 Platform-Utilities-35 | `fdisk` (busybox) | _Enabled_
405 Platform-Utilities-36 | `grep` (busybox) | _Enabled_
406 Platform-Utilities-37 | `mkdir` (busybox) | _Enabled_
407 Platform-Utilities-38 | `mount` (vfat) (busybox) | _Enabled_
408 Platform-Utilities-39 | `printf` (busybox) | _Enabled_
409 Platform-Utilities-40 | `sed` in `/bin/sed` (busybox) | _Enabled_
410 Platform-Utilities-41 | `tail` (busybox) | _Enabled_
411 Platform-Utilities-42 | `tee` (busybox) | _Enabled_
412 Platform-Utilities-43 | `test` (busybox) | _Enabled_
414 Domain | Object | Recommendations
415 --------------------- | ---------------- | -----------------------------------------------------
416 Platform-Users-root-1 | Main application | Should not execute as root.
417 Platform-Users-root-2 | UI | Should run in a context on a user with no capability.
419 Domain | `Utility` name | _State_
420 --------------------- | -------------- | -------------
421 Platform-Users-root-3 | `login` | _Not allowed_
422 Platform-Users-root-4 | `su` | _Not allowed_
423 Platform-Users-root-5 | `ssh` | _Not allowed_
424 Platform-Users-root-6 | `scp` | _Not allowed_
425 Platform-Users-root-7 | `sftp` | _Not allowed_
427 Domain | Object | Recommendations
428 -------------------------- | --------- | -----------------------------------------------------------------------
429 Application-Installation-1 | AppFw | Provide offline-mode in order to install app with the base image.
430 Application-Installation-2 | Integrity | Allow the installation of applications only if their integrity is good.
432 Domain | Tech name | Recommendations
433 ---------------------------------- | --------- | --------------------------------------------------------------------------
434 Connectivity-BusAndConnector-Bus-1 | CAN | Implement hardware solution in order to prohibit sending unwanted signals.
436 Domain | Tech name | Recommendations
437 ----------------------------------------- | --------- | ----------------------------------------------------------------------
438 Connectivity-BusAndConnector-Connectors-1 | USB | Must be disabled. If not, only enable the minimum require USB devices.
439 Connectivity-BusAndConnector-Connectors-2 | USB | Confidential data exchanged with the ECU over USB must be secure.
440 Connectivity-BusAndConnector-Connectors-3 | USB | USB Boot on a ECU must be disable.
441 Connectivity-BusAndConnector-Connectors-4 | OBD-II | Must be disabled outside garages.
443 Domain | Object | Recommendations
444 ----------------------- | ------ | ------------------------------------------------------------------
445 Connectivity-Wireless-1 | Update | Always follow the latest updates of remote communication channels.
447 Domain | Tech name or object | Recommendations
448 ---------------------------- | ------------------- | -------------------------------------------------------------------------
449 Connectivity-Wireless-Wifi-1 | WEP, PSK, TKIP | Disabled
450 Connectivity-Wireless-Wifi-2 | WPA2 and AES-CCMP | Used
451 Connectivity-Wireless-Wifi-3 | WPA2 | Should protect data sniffing.
452 Connectivity-Wireless-Wifi-4 | PSK | Changing regularly the password.
453 Connectivity-Wireless-Wifi-5 | Device | Upgraded easily in software or firmware to have the last security update.
455 Domain | Tech name | Recommendations
456 --------------------------------- | ------------- | ------------------------------------------------------------
457 Connectivity-Wireless-Bluetooth-1 | BLE | Use with caution.
458 Connectivity-Wireless-Bluetooth-2 | Bluetooth | Monitoring
459 Connectivity-Wireless-Bluetooth-3 | SSP | Avoid using the "Just Works" association model.
460 Connectivity-Wireless-Bluetooth-4 | Visibility | Configured by default as undiscoverable. Except when needed.
461 Connectivity-Wireless-Bluetooth-5 | Anti-scanning | Used, inter alia, to slow down brute force attacks.
463 Domain | Tech name | Recommendations
464 -------------------------------- | --------- | --------------------------
465 Connectivity-Wireless-Cellular-1 | GPRS/EDGE | Avoid
466 Connectivity-Wireless-Cellular-2 | UMTS/HSPA | Protected against Jamming.
468 Domain | Tech name | Recommendations
469 ----------------------------- | --------- | --------------------------------------------
470 Connectivity-Wireless-Radio-1 | RDS | Only audio output and meta concerning radio.
472 Domain | Tech name | Recommendations
473 --------------------------- | --------- | ------------------------------------------------------
474 Connectivity-Wireless-NFC-1 | NFC | Protected against relay and replay attacks.
475 Connectivity-Wireless-NFC-2 | Device | Disable unneeded and unapproved services and profiles.
477 Domain | Object | Recommendations
478 ---------------------------- | -------------- | --------------------------------------
479 Application-Cloud-Download-1 | authentication | Must implement authentication process.
480 Application-Cloud-Download-2 | Authorization | Must implement Authorization process.
482 Domain | Object | Recommendations
483 ---------------------------------- | ------------- | ----------------------------------------------------------
484 Application-Cloud-Infrastructure-1 | Packet | Should implement a DPI.
485 Application-Cloud-Infrastructure-2 | DoS | Must implement a DoS protection.
486 Application-Cloud-Infrastructure-3 | Test | Should implement scanning tools like SATS and DAST.
487 Application-Cloud-Infrastructure-4 | Log | Should implement security tools (IDS and IPS).
488 Application-Cloud-Infrastructure-5 | App integrity | Applications must be signed by the code signing authority.
490 Domain | Object | Recommendations
491 ----------------------------- | ----------------------------------------- | ---------------------------------
492 Application-Cloud-Transport-1 | Integrity, confidentiality and legitimacy | Should implement IPSec standards.
494 <!-- end-section-config -->
Code Review / AGL / documentation.git / blob