security docs in review: threat model & network security

Joseph Reynolds jrey at linux.ibm.com
Tue Jun 11 00:48:30 AEST 2019


OpenBMC security docs are in review.  They talk about fundamental BMC 
concepts, and should be of interest to technical leaders.  You can 
discuss these on the email list, in review, or at the Security Working 
Group meeting.

- The OpenBMC Threat Model is my proposal to organize OpenBMC's 
functional security efforts.  It also has background information for 
this week's Security Working Group meeting "use case" discussion.  This 
is a WIP ... we'll see how it goes.

- The Network Security considerations covers network-facing threats.  I 
would like to merge this, and use it to guide OpenBMC 2.7 release 
validation.

Threat model: https://gerrit.openbmc-project.xyz/c/openbmc/docs/+/22404
Network security: 
https://gerrit.openbmc-project.xyz/c/openbmc/docs/+/22106

- Joseph


More information about the openbmc mailing list