Fixing broken links and formatting in App Framework page
[AGL/documentation.git] / docs / 3_Architecture_Guides / 2_Security_Blueprint / B_Annexes.md
---
title: Annexes
---

The first part summarizes all the configurations you must implement, without
explanations, since those are given throughout the document.

- The _config_ tag quickly identifies the configurations and the recommendations
  to apply.

- The _note_ tag flags some additional details.

- The _todo_ tag shows the possible improvements.

The second part gathers all the todo notes in order to give a global view of
the possible improvements of the document.
# Config notes

Domain               | Object     | Recommendations
-------------------- | ---------- | ----------------------------------
Hardware-Integrity-1 | Bootloader | Must control bootloader integrity.
Hardware-Integrity-2 | Board      | Must use an HSM.
Hardware-Integrity-3 | RTC        | Must not be alterable.

Domain                 | Object | Recommendations
---------------------- | ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------
Hardware-Certificate-1 | System | Shall allow storing dedicated certificates.
Hardware-Certificate-2 | ECU    | The ECU must verify the certification authority hierarchy.
Hardware-Certificate-3 | System | Allow the modification of certificates only if the source can be authenticated by a certificate already stored or in the higher levels of the chain of trust.

Domain            | Object     | Recommendations
----------------- | ---------- | ------------------------------------------------------------------------------------
Hardware-Memory-1 | ECU        | The ECU shall never expose the unencrypted key in RAM when using cryptographic keys.
Hardware-Memory-2 | Bootloader | Internal NVM only.
Hardware-Module-3 | -          | An HSM must be used to secure keys.

Domain                 | _Variable_ / `Config` name | `Value`
---------------------- | -------------------------- | -------
Boot-Image-Selection-1 | `CONFIG_BOOTDELAY`         | `-2`
Boot-Image-Selection-2 | _bootdelay_                | `-2`

Domain                    | `Config` name                | _State_
------------------------- | ---------------------------- | --------
Boot-Image-Authenticity-1 | `CONFIG_FIT`                 | _Enable_
Boot-Image-Authenticity-2 | `CONFIG_FIT_SIGNATURE`       | _Enable_
Boot-Image-Authenticity-3 | `CONFIG_RSA`                 | _Enable_
Boot-Image-Authenticity-4 | `CONFIG_OF_CONTROL`          | _Enable_
Boot-Image-Authenticity-5 | `CONFIG_OF_SEPARATE`         | _Enable_
Boot-Image-Authenticity-6 | `CONFIG_DEFAULT_DEVICE_TREE` | _Enable_

Domain               | Communication modes       | _State_
-------------------- | ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------
Boot-Communication-1 | `USB`                     | _Disabled_ and _compiled out_ if not required.
Boot-Communication-2 | `USB`                     | Otherwise, the kernel should be configured to enable only the minimum required USB devices, and filesystems should be treated with special care.
Boot-Communication-3 | `Ethernet`                | _Disabled_
Boot-Communication-4 | U-Boot and sboot `DOCSIS` | _Disabled_
Boot-Communication-5 | `Serial ports`            | _Disabled_

Domain                   | `Config` name           | _State_
------------------------ | ----------------------- | -------------
Boot-Communication-USB-1 | `CONFIG_CMD_USB`        | _Not defined_
Boot-Communication-USB-2 | `CONFIG_USB_UHCI`       | _Not defined_
Boot-Communication-USB-3 | `CONFIG_USB_KEYBOARD`   | _Not defined_
Boot-Communication-USB-4 | `CONFIG_USB_STORAGE`    | _Not defined_
Boot-Communication-USB-5 | `CONFIG_USB_HOST_ETHER` | _Not defined_

Domain               | Communication modes  | _State_
-------------------- | -------------------- | ----------------------------------------------------------------------------------------------
Boot-Communication-1 | `Network interfaces` | Preferably _no network interface is allowed_; otherwise, restrict the services to those used.

Domain               | Object                            | Recommendations
-------------------- | --------------------------------- | -------------------------------------------------------------
Boot-Communication-1 | `Services`, `ports` and `devices` | Restrict the `services`, `ports` and `devices` to those used.

Domain                     | `Command` name | _State_
-------------------------- | -------------- | ---------
Boot-Communication-Flash-1 | `do_nand`      | _Disable_

Domain                 | `Config` name                           | `Value`
---------------------- | --------------------------------------- | ---------
Boot-Consoles-Serial-1 | `CONFIG_SILENT_CONSOLE`                 | `Disable`
Boot-Consoles-Serial-2 | `CONFIG_SYS_DEVICE_NULLDEV`             | `Disable`
Boot-Consoles-Serial-3 | `CONFIG_SILENT_CONSOLE_UPDATE_ON_RELOC` | `Disable`

Domain                 | `Environment variable` name | _State_
---------------------- | --------------------------- | -------------
Boot-Consoles-Serial-1 | `INC_DEBUG_PRINT`           | _Not defined_

Domain                     | `Config` name                | _State_
-------------------------- | ---------------------------- | ---------
Boot-Consoles-Variables-1  | `CONFIG_ENV_IS_IN_MMC`       | `#undef`
Boot-Consoles-Variables-2  | `CONFIG_ENV_IS_IN_EEPROM`    | `#undef`
Boot-Consoles-Variables-3  | `CONFIG_ENV_IS_IN_FLASH`     | `#undef`
Boot-Consoles-Variables-4  | `CONFIG_ENV_IS_IN_DATAFLASH` | `#undef`
Boot-Consoles-Variables-5  | `CONFIG_ENV_IS_IN_FAT`       | `#undef`
Boot-Consoles-Variables-6  | `CONFIG_ENV_IS_IN_NAND`      | `#undef`
Boot-Consoles-Variables-7  | `CONFIG_ENV_IS_IN_NVRAM`     | `#undef`
Boot-Consoles-Variables-8  | `CONFIG_ENV_IS_IN_ONENAND`   | `#undef`
Boot-Consoles-Variables-9  | `CONFIG_ENV_IS_IN_SPI_FLASH` | `#undef`
Boot-Consoles-Variables-10 | `CONFIG_ENV_IS_IN_REMOTE`    | `#undef`
Boot-Consoles-Variables-11 | `CONFIG_ENV_IS_IN_UBI`       | `#undef`
Boot-Consoles-Variables-12 | `CONFIG_ENV_IS_NOWHERE`      | `#define`

Domain                  | `Command` name | _State_
----------------------- | -------------- | ----------
Boot-Consoles-MemDump-1 | `md`           | _Disabled_
Boot-Consoles-MemDump-2 | `mm`           | _Disabled_
Boot-Consoles-MemDump-3 | `nm`           | _Disabled_
Boot-Consoles-MemDump-4 | `mw`           | _Disabled_
Boot-Consoles-MemDump-5 | `cp`           | _Disabled_
Boot-Consoles-MemDump-6 | `mwc`          | _Disabled_
Boot-Consoles-MemDump-7 | `mdc`          | _Disabled_
Boot-Consoles-MemDump-8 | `mtest`        | _Disabled_
Boot-Consoles-MemDump-9 | `loopw`        | _Disabled_

Domain               | `Config` name             | `Value`
-------------------- | ------------------------- | -------
Kernel-General-MAC-1 | `CONFIG_IP_NF_SECURITY`   | `m`
Kernel-General-MAC-2 | `CONFIG_IP6_NF_SECURITY`  | `m`
Kernel-General-MAC-3 | `CONFIG_EXT2_FS_SECURITY` | `y`
Kernel-General-MAC-4 | `CONFIG_EXT3_FS_SECURITY` | `y`
Kernel-General-MAC-5 | `CONFIG_EXT4_FS_SECURITY` | `y`
Kernel-General-MAC-6 | `CONFIG_SECURITY`         | `y`
Kernel-General-MAC-7 | `CONFIG_SECURITY_SMACK`   | `y`
Kernel-General-MAC-8 | `CONFIG_TMPFS_XATTR`      | `y`

Domain                 | `Config` name  | `Value`
---------------------- | -------------- | -------
Kernel-General-kexec-1 | `CONFIG_KEXEC` | `n`

Domain                      | `Config` name   | `Value`
--------------------------- | --------------- | -------
Kernel-General-IPAutoConf-1 | `CONFIG_IP_PNP` | `n`

Domain                          | `Config` name           | `Value`
------------------------------- | ----------------------- | -------
Kernel-General-SysCtl_SysCall-1 | `CONFIG_SYSCTL_SYSCALL` | `n`

Domain                       | `Config` name   | `Value`
---------------------------- | --------------- | -------
Kernel-General-LegacyLinux-1 | `CONFIG_USELIB` | `n`

Domain                      | `Config` name                  | `Value`
--------------------------- | ------------------------------ | -------
Kernel-General-FirmHelper-1 | `CONFIG_FW_LOADER_USER_HELPER` | `n`

Domain                       | `Config` name          | `Value`
---------------------------- | ---------------------- | -------
Kernel-General-PanicOnOOPS-1 | `CONFIG_PANIC_ON_OOPS` | `y`

Domain                     | `Config` name        | `Value`
-------------------------- | -------------------- | -------
Kernel-General-SocketMon-1 | `CONFIG_PACKET_DIAG` | `n`
Kernel-General-SocketMon-2 | `CONFIG_UNIX_DIAG`   | `n`

Domain                   | `Config` name    | `Value`
------------------------ | ---------------- | -------
Kernel-General-BPF_JIT-1 | `CONFIG_BPF_JIT` | `n`

Domain                         | `Config` name             | `Value`
------------------------------ | ------------------------- | -------
Kernel-General-ModuleSigning-1 | `CONFIG_MODULE_SIG_FORCE` | `y`

Domain                         | `Variable` name           | `Value`
------------------------------ | ------------------------- | -------
Kernel-General-ModuleSigning-2 | `kernel.modules_disabled` | `1`

Domain                   | Object              | _State_
------------------------ | ------------------- | ----------
Kernel-General-Drivers-1 | `USB`               | _Disabled_
Kernel-General-Drivers-2 | `PCMCIA`            | _Disabled_
Kernel-General-Drivers-3 | Other `hotplug` bus | _Disabled_

Domain                           | `compiler` and `linker` options | _State_
-------------------------------- | ------------------------------- | --------
Kernel-General-IndependentExec-1 | `-pie -fpic`                    | _Enable_

Domain                            | `compiler` and `linker` options | _State_
--------------------------------- | ------------------------------- | --------
Kernel-General-OverwriteAttacks-1 | `-z,relro`                      | _Enable_
Kernel-General-OverwriteAttacks-2 | `-z,now`                        | _Enable_

Domain                          | Object          | Recommendations
------------------------------- | --------------- | --------------------------------
Kernel-General-LibraryLinking-1 | Dynamic linking | Should generally not be allowed.

Domain                         | `Config` name    | `Value`
------------------------------ | ---------------- | -------
Kernel-Memory-RestrictAccess-1 | `CONFIG_DEVKMEM` | `n`

Domain                   | `Config` name       | `Value`
------------------------ | ------------------- | -------
Kernel-Memory-CoreDump-1 | `CONFIG_PROC_KCORE` | `n`

Domain               | `Config` name | `Value`
-------------------- | ------------- | -------
Kernel-Memory-Swap-1 | `CONFIG_SWAP` | `n`

Domain                         | `Config` name         | `Value`
------------------------------ | --------------------- | -------
Kernel-Memory-LoadAllSymbols-1 | `CONFIG_KALLSYMS`     | `n`
Kernel-Memory-LoadAllSymbols-2 | `CONFIG_KALLSYMS_ALL` | `n`

Domain                | `Config` name              | `Value`
--------------------- | -------------------------- | -------
Kernel-Memory-Stack-1 | `CONFIG_CC_STACKPROTECTOR` | `y`

Domain                 | `Config` name   | `Value`
---------------------- | --------------- | -------
Kernel-Memory-Access-1 | `CONFIG_DEVMEM` | `n`

Domain                         | `Config` name         | `Value`
------------------------------ | --------------------- | -------
Kernel-Memory-CrossMemAttach-1 | `CROSS_MEMORY_ATTACH` | `n`

Domain                        | `compiler` and `linker` options | _State_
----------------------------- | ------------------------------- | --------
Kernel-Memory-StackSmashing-1 | `-fstack-protector-all`         | _Enable_

Domain                          | `compiler` options and `config` name | `Value`
------------------------------- | ------------------------------------ | -------
Kernel-Memory-BufferOverflows-1 | `-D_FORTIFY_SOURCE`                  | `2`
Kernel-Memory-BufferOverflows-2 | `CONFIG_FORTIFY_SOURCE`              | `y`

Domain                   | `Config` name                | `Value`
------------------------ | ---------------------------- | -------
Kernel-Consoles-Serial-1 | `CONFIG_SERIAL_8250`         | `n`
Kernel-Consoles-Serial-2 | `CONFIG_SERIAL_8250_CONSOLE` | `n`
Kernel-Consoles-Serial-3 | `CONFIG_SERIAL_CORE`         | `n`
Kernel-Consoles-Serial-4 | `CONFIG_SERIAL_CORE_CONSOLE` | `n`

Domain                        | `Config` name             | `Value`
----------------------------- | ------------------------- | -----------------------------------
Kernel-Consoles-CommandLine-1 | `CONFIG_CMDLINE_BOOL`     | `y`
Kernel-Consoles-CommandLine-2 | `CONFIG_CMDLINE`          | `"insert kernel command line here"`
Kernel-Consoles-CommandLine-3 | `CONFIG_CMDLINE_OVERRIDE` | `y`

Domain                 | `Config` name | `Value`
---------------------- | ------------- | -------
Kernel-Consoles-KDBG-1 | `CONFIG_KGDB` | `n`

Domain                  | `Config` name        | `Value`
----------------------- | -------------------- | -------
Kernel-Consoles-SysRQ-1 | `CONFIG_MAGIC_SYSRQ` | `n`

Domain                         | `Config` name        | `Value`
------------------------------ | -------------------- | -------
Kernel-Consoles-BinaryFormat-1 | `CONFIG_BINFMT_MISC` | `n`

Domain                 | `Config` name       | `Value`
---------------------- | ------------------- | -------
Kernel-Debug-Symbols-1 | `CONFIG_DEBUG_INFO` | `n`

Domain                 | `Config` name    | `Value`
---------------------- | ---------------- | -------
Kernel-Debug-Kprobes-1 | `CONFIG_KPROBES` | `n`

Domain                 | `Config` name   | `Value`
---------------------- | --------------- | -------
Kernel-Debug-Tracing-1 | `CONFIG_FTRACE` | `n`

Domain                   | `Config` name      | `Value`
------------------------ | ------------------ | -------
Kernel-Debug-Profiling-1 | `CONFIG_OPROFILE`  | `n`
Kernel-Debug-Profiling-2 | `CONFIG_PROFILING` | `n`

Domain                   | `Config` name             | `Value`
------------------------ | ------------------------- | -------
Kernel-Debug-OOPSOnBUG-1 | `CONFIG_DEBUG_BUGVERBOSE` | `n`

Domain             | `Config` name         | `Value`
------------------ | --------------------- | -------
Kernel-Debug-Dev-1 | `CONFIG_DEBUG_KERNEL` | `n`
Kernel-Debug-Dev-2 | `CONFIG_EMBEDDED`     | `n`

Domain                    | `Config` name     | `Value`
------------------------- | ----------------- | -------
Kernel-Debug-FileSystem-1 | `CONFIG_DEBUG_FS` | `n`

Domain             | `Config` name | `Value`
------------------ | ------------- | -------
Kernel-Debug-BUG-1 | `CONFIG_BUG`  | `n`

Domain                   | `Config` name     | `Value`
------------------------ | ----------------- | -------
Kernel-Debug-CoreDumps-1 | `CONFIG_COREDUMP` | `n`

Domain                       | `File` name                      | `Value`
---------------------------- | -------------------------------- | -------
Kernel-Debug-AdressDisplay-1 | `/proc/sys/kernel/kptr_restrict` | `1`

Domain                       | `File` or `Directory` name | _State_
---------------------------- | -------------------------- | ---------------------------
Kernel-Debug-AdressDisplay-1 | `/boot/vmlinuz*`           | _Readable only by the root user_
Kernel-Debug-AdressDisplay-2 | `/boot/System.map*`        | _Readable only by the root user_
Kernel-Debug-AdressDisplay-3 | `/sys/kernel/debug/`       | _Readable only by the root user_
Kernel-Debug-AdressDisplay-4 | `/proc/slabinfo`           | _Readable only by the root user_

Domain               | `File` name                       | `Value`
-------------------- | --------------------------------- | -------
Kernel-Debug-DMESG-1 | `/proc/sys/kernel/dmesg_restrict` | `1`

Domain                | `Config` name     | `Value`
--------------------- | ----------------- | -------
Kernel-Debug-Config-1 | `CONFIG_IKCONFIG` | `n`

Domain                   | `Config` name   | `Value`
------------------------ | --------------- | -------
Kernel-FileSystems-NFS-1 | `CONFIG_NFSD`   | `n`
Kernel-FileSystems-NFS-2 | `CONFIG_NFS_FS` | `n`
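The `Kernel-*` tables above are easiest to enforce mechanically. The following script, added here as an example and not part of the AGL documentation or build system, parses a kernel `.config`, treats `# CONFIG_FOO is not set` and absent symbols as `n`, and reports every symbol that deviates from the recommended value; the `RECOMMENDED` map is a subset of the rows above and the sample `.config` is constructed.

```python
import re

# Expected values, copied from the Kernel-* tables above (a representative
# subset; extend the dict with the remaining rows as needed).
RECOMMENDED = {
    "CONFIG_SECURITY": "y",
    "CONFIG_SECURITY_SMACK": "y",
    "CONFIG_TMPFS_XATTR": "y",
    "CONFIG_IP_NF_SECURITY": "m",
    "CONFIG_MODULE_SIG_FORCE": "y",
    "CONFIG_PANIC_ON_OOPS": "y",
    "CONFIG_CC_STACKPROTECTOR": "y",
    "CONFIG_FORTIFY_SOURCE": "y",
    "CONFIG_KEXEC": "n",
    "CONFIG_IP_PNP": "n",
    "CONFIG_BPF_JIT": "n",
    "CONFIG_DEVKMEM": "n",
    "CONFIG_DEVMEM": "n",
    "CONFIG_PROC_KCORE": "n",
    "CONFIG_SWAP": "n",
    "CONFIG_KALLSYMS": "n",
    "CONFIG_KGDB": "n",
    "CONFIG_MAGIC_SYSRQ": "n",
    "CONFIG_BINFMT_MISC": "n",
    "CONFIG_KPROBES": "n",
    "CONFIG_FTRACE": "n",
    "CONFIG_DEBUG_FS": "n",
    "CONFIG_COREDUMP": "n",
    "CONFIG_NFSD": "n",
    "CONFIG_NFS_FS": "n",
}

# A .config line is either `CONFIG_FOO=value` or `# CONFIG_FOO is not set`.
SET_RE = re.compile(r"^(CONFIG_[A-Za-z0-9_]+)=(.*)$")
UNSET_RE = re.compile(r"^# (CONFIG_[A-Za-z0-9_]+) is not set$")


def parse_config(text):
    """Map every symbol in a .config to its value: 'y', 'm', 'n' or a literal."""
    values = {}
    for raw in text.splitlines():
        line = raw.strip()
        m = SET_RE.match(line)
        if m:
            values[m.group(1)] = m.group(2).strip()
            continue
        m = UNSET_RE.match(line)
        if m:
            values[m.group(1)] = "n"
    return values


def audit(text, recommended=RECOMMENDED):
    """Return {symbol: (recommended, actual)} for every deviating symbol.

    A symbol that does not appear at all is treated as 'n': Kconfig writes no
    line for an option whose dependencies are unmet, so it cannot be built in.
    """
    values = parse_config(text)
    findings = {}
    for symbol, want in recommended.items():
        got = values.get(symbol, "n")
        if got != want:
            findings[symbol] = (want, got)
    return findings


# Constructed sample .config fragment (not from a real build) with three
# deviations: /dev/mem, the SysRq key and the BPF JIT are all left enabled.
SAMPLE_CONFIG = """\
CONFIG_SECURITY=y
CONFIG_SECURITY_SMACK=y
CONFIG_TMPFS_XATTR=y
CONFIG_IP_NF_SECURITY=m
CONFIG_MODULE_SIG_FORCE=y
CONFIG_PANIC_ON_OOPS=y
CONFIG_CC_STACKPROTECTOR=y
CONFIG_FORTIFY_SOURCE=y
# CONFIG_KEXEC is not set
# CONFIG_SWAP is not set
CONFIG_DEVMEM=y
CONFIG_MAGIC_SYSRQ=y
CONFIG_BPF_JIT=y
CONFIG_CMDLINE="console=ttyS0,115200"
"""

if __name__ == "__main__":
    for symbol, (want, got) in sorted(audit(SAMPLE_CONFIG).items()):
        print(f"{symbol}: recommended {want}, found {got}")
```

Run it against a real image with `audit(open("/proc/config.gz").read())` only on a development build, since the tables above ask for `CONFIG_IKCONFIG=n` in production; otherwise point it at the build tree's `.config`.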

Domain                     | `Partition`         | `Value`
-------------------------- | ------------------- | -----------------------------------------------------------------
Kernel-FileSystems-Mount-1 | `/boot`             | `nosuid`, `nodev` and `noexec`.
Kernel-FileSystems-Mount-2 | `/var` & `/tmp`     | In `/etc/fstab` or `vfstab`, add `nosuid`, `nodev` and `noexec`.
Kernel-FileSystems-Mount-3 | _Non-root local_    | If type is `ext2` or `ext3` and mount point is not `/`, add `nodev`.
Kernel-FileSystems-Mount-4 | _Removable storage_ | Add `nosuid`, `nodev` and `noexec`.
Kernel-FileSystems-Mount-5 | _Temporary storage_ | Add `nosuid`, `nodev` and `noexec`.
Kernel-FileSystems-Mount-6 | `/dev/shm`          | Add `nosuid`, `nodev` and `noexec`.
Kernel-FileSystems-Mount-7 | `/dev`              | Add `nosuid` and `noexec`.

Domain                     | `Config` name           | _State_ or `Value`
-------------------------- | ----------------------- | -----------------------------------------------------------------------
Kernel-FileSystems-Mount-1 | `CONFIG_DEVTMPFS_MOUNT` | _Disabled_ or add a remount with `noexec` and `nosuid` to system startup.
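The two `Kernel-FileSystems-Mount` tables above can be checked against an image's `/etc/fstab` before it ships. The script below is an added example (not AGL code): it parses fstab, applies the per-mount-point rules and the `ext2`/`ext3` `nodev` rule, and flags a `/dev` that is absent from fstab, since that means devtmpfs is auto-mounted and needs the startup remount the second table asks for. Removable and temporary storage cannot be told apart from fstab alone, so those two rows are not encoded; the sample fstab is constructed.

```python
# Mount-option rules from the Kernel-FileSystems-Mount table above, keyed by
# mount point. Removable and temporary storage cannot be recognised from fstab
# alone, so those two rows are not encoded here.
REQUIRED_BY_MOUNTPOINT = {
    "/boot": {"nosuid", "nodev", "noexec"},
    "/var": {"nosuid", "nodev", "noexec"},
    "/tmp": {"nosuid", "nodev", "noexec"},
    "/dev/shm": {"nosuid", "nodev", "noexec"},
    "/dev": {"nosuid", "noexec"},
}


def parse_fstab(text):
    """Return one dict per fstab entry: device, mountpoint, fstype, options."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if len(fields) < 4:  # need at least fs_spec fs_file fs_vfstype fs_mntops
            continue
        device, mountpoint, fstype, opts = fields[:4]
        entries.append({
            "device": device,
            "mountpoint": mountpoint,
            "fstype": fstype,
            "options": set(opts.split(",")),
        })
    return entries


def missing_options(entry):
    """Options the table requires for this entry that its fstab line lacks."""
    required = set(REQUIRED_BY_MOUNTPOINT.get(entry["mountpoint"], ()))
    # Kernel-FileSystems-Mount-3: non-root local ext2/ext3 mounts need nodev.
    if entry["fstype"] in ("ext2", "ext3") and entry["mountpoint"] != "/":
        required.add("nodev")
    return sorted(required - entry["options"])


def audit_fstab(text):
    """Map each non-compliant mount point to its sorted list of missing options."""
    findings = {}
    for entry in parse_fstab(text):
        missing = missing_options(entry)
        if missing:
            findings[entry["mountpoint"]] = missing
    return findings


def dev_needs_startup_remount(text):
    """True when /dev is not listed in fstab: devtmpfs is then auto-mounted by
    the kernel (CONFIG_DEVTMPFS_MOUNT) and must be remounted nosuid,noexec at
    startup, as the second Kernel-FileSystems-Mount table asks."""
    return all(e["mountpoint"] != "/dev" for e in parse_fstab(text))


# Constructed sample fstab (not from a real image): /boot, /data and /dev/shm
# each lack at least one required option; /var and /tmp are compliant.
SAMPLE_FSTAB = """\
# <file system>  <mount point>  <type>  <options>                     <dump> <pass>
/dev/mmcblk0p1   /boot          ext4    defaults                      0 2
/dev/mmcblk0p2   /              ext4    defaults                      0 1
/dev/mmcblk0p3   /var           ext4    nosuid,nodev,noexec           0 2
/dev/mmcblk0p4   /data          ext3    defaults                      0 2
tmpfs            /tmp           tmpfs   nosuid,nodev,noexec,size=64m  0 0
tmpfs            /dev/shm       tmpfs   nosuid,nodev                  0 0
"""

if __name__ == "__main__":
    for mountpoint, missing in sorted(audit_fstab(SAMPLE_FSTAB).items()):
        print(f"{mountpoint}: add {','.join(missing)}")
    if dev_needs_startup_remount(SAMPLE_FSTAB):
        print("/dev: not in fstab, remount with nosuid,noexec at startup")
```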

Domain             | `Label` name | Recommendations
------------------ | ------------ | ------------------------------------------------------------
Kernel-MAC-Floor-1 | `^`          | Only for privileged system services.
Kernel-MAC-Floor-2 | `*`          | Used for device files or `/tmp`; access restriction via DAC.

Domain              | `Label` name     | Recommendations
------------------- | ---------------- | --------------------------------------------------------------------------------------------------------------
Kernel-MAC-System-1 | `System`         | Processes should write only to files with the transmute attribute.
Kernel-MAC-System-2 | `System::run`    | Files are created with the directory label from the user and system domains (transmute). Lock is implicit with `w`.
Kernel-MAC-System-3 | `System::Shared` | Files are created with the directory label from the system domain (transmute). The user domain has locked privilege.
Kernel-MAC-System-4 | `System::Log`    | Some limitations may require adding `w` to enable append.
Kernel-MAC-System-5 | `System::Sub`    | Isolation of risky subsystems.

Domain              | `Label` name        | Recommendations
------------------- | ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------
Kernel-MAC-System-1 | `User::Pkg::$AppID` | Only one label is allowed per app. A data directory is created by the AppFw in `rwx` mode.
Kernel-MAC-System-2 | `User::Home`        | AppFw needs to create the directory `/home/$USER/App-Shared` at first launch if it is not present, labelled `User::App-Shared` without transmute, for app-data access.
Kernel-MAC-System-3 | `User::App-Shared`  | Shared space between all apps running for a given user.

Domain             | Object         | Recommendations
------------------ | -------------- | ------------------------------------
Platform-SystemD-1 | Security model | Use namespaces for containerization.
Platform-SystemD-2 | Security model | Use cgroups to organise processes.

Domain          | Object         | Recommendations
--------------- | -------------- | ------------------------------------
Platform-DBus-1 | Security model | Use D-Bus as IPC.
Platform-DBus-2 | Security model | Apply D-Bus security patches: [D-Bus CVE](https://www.cvedetails.com/vulnerability-list/vendor_id-13442/D-bus-Project.html)

Domain               | `Tool` name | _State_
-------------------- | ----------- | -------
Platform-Utilities-1 | `connman`   | _Used_ as a connection manager.
Platform-Utilities-2 | `bluez`     | _Used_ as a Bluetooth manager.
Platform-Utilities-3 | `gstreamer` | _Used_ to manage multimedia file formats.
Platform-Utilities-4 | `alsa`      | _Used_ to provide an API for sound card device drivers.

Domain                 | Object         | Recommendations
---------------------- | -------------- | --------------------------------
Platform-AGLFw-AppFw-1 | Security model | Use the AppFw as security model.

Domain                  | Object      | Recommendations
----------------------- | ----------- | -------------------------------------
Platform-AGLFw-Cynara-1 | Permissions | Use Cynara as policy-checker service.

Domain               | `Tool` name | _State_
-------------------- | ----------- | ----------------------------------------------------------------------
Platform-Utilities-1 | `busybox`   | _Used_ to provide a number of tools. Do not compile development tools.

Domain                | `Utility` name and normal `path`                     | _State_
--------------------- | ---------------------------------------------------- | ----------
Platform-Utilities-1  | `chgrp` in `/bin/chgrp`                              | _Disabled_
Platform-Utilities-2  | `chmod` in `/bin/chmod`                              | _Disabled_
Platform-Utilities-3  | `chown` in `/bin/chown`                              | _Disabled_
Platform-Utilities-4  | `dmesg` in `/bin/dmesg`                              | _Disabled_
Platform-Utilities-5  | `dnsdomainname` in `/bin/dnsdomainname`              | _Disabled_
Platform-Utilities-6  | `dropbear`; remove "dropbear" from `/etc/init.d/rcs` | _Disabled_
Platform-Utilities-7  | `Editors` (`vi`) in `/bin/vi`                        | _Disabled_
Platform-Utilities-8  | `find` in `/bin/find`                                | _Disabled_
Platform-Utilities-9  | `gdbserver` in `/bin/gdbserver`                      | _Disabled_
Platform-Utilities-10 | `hexdump` in `/bin/hexdump`                          | _Disabled_
Platform-Utilities-11 | `hostname` in `/bin/hostname`                        | _Disabled_
Platform-Utilities-12 | `install` in `/bin/install`                          | _Disabled_
Platform-Utilities-13 | `iostat` in `/bin/iostat`                            | _Disabled_
Platform-Utilities-14 | `killall` in `/bin/killall`                          | _Disabled_
Platform-Utilities-15 | `klogd` in `/sbin/klogd`                             | _Disabled_
Platform-Utilities-16 | `logger` in `/bin/logger`                            | _Disabled_
Platform-Utilities-17 | `lsmod` in `/sbin/lsmod`                             | _Disabled_
Platform-Utilities-18 | `pmap` in `/bin/pmap`                                | _Disabled_
Platform-Utilities-19 | `ps` in `/bin/ps`                                    | _Disabled_
Platform-Utilities-20 | `ps` in `/bin/ps`                                    | _Disabled_
Platform-Utilities-21 | `rpm` in `/bin/rpm`                                  | _Disabled_
Platform-Utilities-22 | `SSH`                                                | _Disabled_
Platform-Utilities-23 | `stbhotplug` in `/sbin/stbhotplug`                   | _Disabled_
Platform-Utilities-24 | `strace` in `/bin/trace`                             | _Disabled_
Platform-Utilities-25 | `su` in `/bin/su`                                    | _Disabled_
Platform-Utilities-26 | `syslogd` (logger) in `/bin/logger`                  | _Disabled_
Platform-Utilities-27 | `top` in `/bin/top`                                  | _Disabled_
Platform-Utilities-28 | `UART` in `/proc/tty/driver/`                        | _Disabled_
Platform-Utilities-29 | `which` in `/bin/which`                              | _Disabled_
Platform-Utilities-30 | `who` and `whoami` in `/bin/whoami`                  | _Disabled_
Platform-Utilities-31 | `awk` (busybox)                                      | _Enabled_
Platform-Utilities-32 | `cut` (busybox)                                      | _Enabled_
Platform-Utilities-33 | `df` (busybox)                                       | _Enabled_
Platform-Utilities-34 | `echo` (busybox)                                     | _Enabled_
Platform-Utilities-35 | `fdisk` (busybox)                                    | _Enabled_
Platform-Utilities-36 | `grep` (busybox)                                     | _Enabled_
Platform-Utilities-37 | `mkdir` (busybox)                                    | _Enabled_
Platform-Utilities-38 | `mount` (vfat) (busybox)                             | _Enabled_
Platform-Utilities-39 | `printf` (busybox)                                   | _Enabled_
Platform-Utilities-40 | `sed` in `/bin/sed` (busybox)                        | _Enabled_
Platform-Utilities-41 | `tail` (busybox)                                     | _Enabled_
Platform-Utilities-42 | `tee` (busybox)                                      | _Enabled_
Platform-Utilities-43 | `test` (busybox)                                     | _Enabled_

Domain                | Object           | Recommendations
--------------------- | ---------------- | ---------------------------------------------------------
Platform-Users-root-1 | Main application | Should not execute as root.
Platform-Users-root-2 | UI               | Should run in the context of a user with no capabilities.

Domain                | `Utility` name | _State_
--------------------- | -------------- | -------------
Platform-Users-root-3 | `login`        | _Not allowed_
Platform-Users-root-4 | `su`           | _Not allowed_
Platform-Users-root-5 | `ssh`          | _Not allowed_
Platform-Users-root-6 | `scp`          | _Not allowed_
Platform-Users-root-7 | `sftp`         | _Not allowed_

Domain                     | Object    | Recommendations
-------------------------- | --------- | -----------------------------------------------------------------------
Application-Installation-1 | AppFw     | Provide an offline mode in order to install apps with the base image.
Application-Installation-2 | Integrity | Allow the installation of applications only if their integrity is good.

Domain                             | Tech name | Recommendations
---------------------------------- | --------- | ----------------------------------------------------------------------------
Connectivity-BusAndConnector-Bus-1 | CAN       | Implement a hardware solution in order to prohibit sending unwanted signals.

Domain                                    | Tech name | Recommendations
----------------------------------------- | --------- | -------------------------------------------------------------------------
Connectivity-BusAndConnector-Connectors-1 | USB       | Must be disabled. If not, only enable the minimum required USB devices.
Connectivity-BusAndConnector-Connectors-2 | USB       | Confidential data exchanged with the ECU over USB must be secured.
Connectivity-BusAndConnector-Connectors-3 | USB       | USB boot on an ECU must be disabled.
Connectivity-BusAndConnector-Connectors-4 | OBD-II    | Must be disabled outside garages.

Domain                  | Object | Recommendations
----------------------- | ------ | ------------------------------------------------------------------
Connectivity-Wireless-1 | Update | Always follow the latest updates of remote communication channels.

Domain                       | Tech name or object | Recommendations
---------------------------- | ------------------- | ----------------------------------------------------------------------------
Connectivity-Wireless-Wifi-1 | WEP, PSK, TKIP      | Disabled
Connectivity-Wireless-Wifi-2 | WPA2 and AES-CCMP   | Used
Connectivity-Wireless-Wifi-3 | WPA2                | Should protect against data sniffing.
Connectivity-Wireless-Wifi-4 | PSK                 | Change the password regularly.
Connectivity-Wireless-Wifi-5 | Device              | Easily upgradable in software or firmware to get the latest security updates.

Domain                            | Tech name     | Recommendations
--------------------------------- | ------------- | -----------------------------------------------------------
Connectivity-Wireless-Bluetooth-1 | BLE           | Use with caution.
Connectivity-Wireless-Bluetooth-2 | Bluetooth     | Monitoring
Connectivity-Wireless-Bluetooth-3 | SSP           | Avoid using the "Just Works" association model.
Connectivity-Wireless-Bluetooth-4 | Visibility    | Configured as undiscoverable by default, except when needed.
Connectivity-Wireless-Bluetooth-5 | Anti-scanning | Used, inter alia, to slow down brute-force attacks.

Domain                           | Tech name | Recommendations
-------------------------------- | --------- | --------------------------
Connectivity-Wireless-Cellular-1 | GPRS/EDGE | Avoid.
Connectivity-Wireless-Cellular-2 | UMTS/HSPA | Protected against jamming.

Domain                        | Tech name | Recommendations
----------------------------- | --------- | ------------------------------------------------
Connectivity-Wireless-Radio-1 | RDS       | Only audio output and metadata concerning radio.

Domain                      | Tech name | Recommendations
--------------------------- | --------- | ------------------------------------------------------
Connectivity-Wireless-NFC-1 | NFC       | Protected against relay and replay attacks.
Connectivity-Wireless-NFC-2 | Device    | Disable unneeded and unapproved services and profiles.

Domain                       | Object         | Recommendations
---------------------------- | -------------- | ---------------------------------------
Application-Cloud-Download-1 | Authentication | Must implement an authentication process.
Application-Cloud-Download-2 | Authorization  | Must implement an authorization process.

Domain                             | Object        | Recommendations
---------------------------------- | ------------- | ----------------------------------------------------------
Application-Cloud-Infrastructure-1 | Packet        | Should implement a DPI.
Application-Cloud-Infrastructure-2 | DoS           | Must implement a DoS protection.
Application-Cloud-Infrastructure-3 | Test          | Should implement scanning tools like SAST and DAST.
Application-Cloud-Infrastructure-4 | Log           | Should implement security tools (IDS and IPS).
Application-Cloud-Infrastructure-5 | App integrity | Applications must be signed by the code signing authority.

Domain                        | Object                                    | Recommendations
----------------------------- | ----------------------------------------- | ---------------------------------
Application-Cloud-Transport-1 | Integrity, confidentiality and legitimacy | Should implement IPSec standards.

# Todo notes

Domain          | Improvement
--------------- | ----------------------------------------------------
Boot-Abstract-1 | More generic and add examples (the chain of trust).

Domain          | Improvement
--------------- | -------------------------------------------
Boot-Abstract-1 | Review the definition of the "boot loader".

Domain          | Improvement
--------------- | ------------------------------------
Boot-Consoles-1 | Secure loader: no reference earlier?

Domain                | Improvement
--------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------
Hypervisor-Abstract-1 | Complete Hypervisor part ([jailhouse](https://github.com/siemens/jailhouse) / [KVM](https://www.linux-kvm.org/page/Main_Page) / [Xen](https://www.xenproject.org/developers/teams/embedded-and-automotive.html)).

Domain                           | Improvement
-------------------------------- | -----------------------------
Kernel-General-IndependentExec-1 | Kernel and/or platform part?

Domain                          | Improvement
------------------------------- | ---------------
Kernel-General-LibraryLinking-1 | Keep this part?

Domain              | Improvement
------------------- | ---------------------------------
Platform-Abstract-1 | Create a graphics and sound part.

Domain              | Improvement
------------------- | --------------
Platform-Services-1 | SystemD?
Platform-Services-2 | Secure daemon?

Domain                        | Improvement
----------------------------- | ------------------------
Platform-Users-Capabilities-1 | Kernel or Platform-user?
Platform-Users-Capabilities-2 | Add config note.

Domain                     | Improvement
-------------------------- | ------------------------------
Application-Installation-1 | Talk about AppFw offline mode.

Domain                  | Improvement
----------------------- | ----------------------------------------------------------
Application-Signature-1 | Add content (see secure build in Secure development part).

Domain                 | Improvement
---------------------- | ------------------------------
Application-Services-1 | Add content (which services?).
Application-Services-2 | Add Binder.

Domain                  | Improvement
----------------------- | -----------------
Connectivity-Abstract-1 | Improve abstract.

Domain                  | Improvement
----------------------- | -------------------------------------------
Connectivity-Wireless-1 | Add communication channels (RFID, ZigBee?).

Domain        | Improvement
------------- | -----------------
Update-SOTA-1 | Part to complete.

Domain                  | Improvement
----------------------- | ------------
SecureDev-SecureBuild-1 | Add content.

Domain                 | Improvement
---------------------- | ------------
SecureDev-Signatures-1 | Add content.

Domain                | Improvement
--------------------- | -----------------------------------------------------
SecureDev-CodeAudit-1 | Add CVE analyser.
SecureDev-CodeAudit-2 | [OSSTMM](http://www.isecom.org/mirror/OSSTMM.3.pdf).