sensor-threat.rst - OpenGrok cross reference for /Zephyr-Core-3.7.0/doc/security/sensor-threat.rst

Lines Matching +full:non +full:- +full:deterministic
1 .. _sensor-threat:
17 .. figure:: media/sensor-model.svg
28 This model also focuses on communicating via the MQTT-over-TLS protocol,
39    on-device flash that is the first code to run. In order to establish
43    programmed into the device, early in production [th-imboot]_.
52       [th-authrepl]_.
55       shall be done in a timely manner [th-timely-update]_.
60       [th-atomic-update]_.
64    are allowed to sign the certificate on the server. For cloud-provider
68    [th-root-certs]_, [th-root-check]_.
85    of code necessary shall have access to them. [th-secret-storage]_
94    requires the time to be accurate within 5-10 minutes.
103    certificate to be able to intercept this. [th-time]_
114    should be allowed only from authorized parties. [th-conf]_
117    device shall log information about security-pertinent events. IoT
121    resource-available environment. Types of events that should be logged
132    [th-logs]_
190       configuration information. On resource-constrained devices, it is
210    DNS results or attempt man-in-the-middle attacks
214    service [th-all-tls]_. The TLS stack shall be configured to use only cipher suites
220       [th-tls-ciphers]_.
223       server shall be verified [th-root-check]_.
250       [th-tls-client-auth]_.
256           certificates can be self-signed, or signed by a CA. Since the
262       ii. **Token-based authentication**. It is also possible for the
265           be transmitted in this packet. Instead, a token-based
275       modern, accepted cryptographic random-bit generator to generate
276       these random numbers. It shall use either a Non-Deterministic
278       SoC, or a Deterministic Random Bit Generator (Pseudo RBG) seeded
279       by an entropy source within the SoC.  Please see NIST SP 800-90A
280       for information on approved RBGs and NIST SP 800-90B for
281       information on testing a device's entropy source [th-entropy]_.
294    operation, re-provisioning, and destruction.
299       [th-initial-provision]_. In
304       [th-initial-secret]_.
309    c. **Re-provisioning**. Sometimes it is necessary to re-provision a
316       [th-reprovision]_.
321       [th-destruction]_. Possibilities include:
343 .. [th-imboot] Must boot with an immutable bootloader.
345 .. [th-authrepl] Application image shall only be replaced with an
348 .. [th-timely-update]
351 .. [th-atomic-update]
354 .. [th-root-certs]
357 .. [th-root-check]
360 .. [th-secret-storage]
364 .. [th-time]
368 .. [th-conf]
371 .. [th-logs]
372    The system must log security-related events, and either store them
375 .. [th-all-tls]
378 .. [th-tls-ciphers]
382 .. [th-tls-client-auth]
386 .. [th-entropy]
387    The TLS layer shall use a modern, accepted cryptographic random-bit
390 .. [th-initial-provision]
391    The device shall have a per-device secret loaded before deployment.
393 .. [th-initial-secret]
397 .. [th-reprovision]
400 .. [th-destruction]
408    See https://www.slideshare.net/kartben/iot-developer-survey-2018. As