Lines Matching +full:tracking +full:- +full:time
6 Traditionally, microcontroller-based systems have not placed much
46 documentation about how security-sensitive issues are handled by the
60 - **Open design** as a design guideline incorporates the maxim that
62 widespread use. Instead of relying on secret, custom-tailored
66 - **Economy of mechanism** specifies that the underlying design of a
71 - **Complete mediation** requires that each access to every object and
75 - **Fail-safe defaults** defines that access is restricted by default
82 - **Separation of privilege** is the principle that two conditions or
86 - **Least privilege** describes an access model in which each user,
92 - **Least common mechanism** specifies that mechanisms common to more
98 - **Psychological acceptability** requires that security features are
105 - **Complementary Security/Defense in Depth**: do not rely on a single
112 - **Less commonly used services off by default**: to reduce the
120 shall be notified if low-level options and APIs are enabled but not
123 - **Change management**: to guarantee traceability of changes to the
143 - economy of mechanism (keep the design as simple and small as
146 - fail-safe defaults (access decisions shall deny by default, and
149 - complete mediation (every access that might be limited must be
150 checked for authority and be non-bypassable)
156 - open design (security mechanisms should not depend on attacker
160 - separation of privilege (ideally, access to important objects should
162 system won't enable complete access. For example, multi-factor
164 token, is stronger than single-factor authentication)
166 - least privilege (processes should operate with the least privilege
169 - least common mechanism (the design should minimize the mechanisms
173 - psychological acceptability (the human interface must be designed
174 for ease of use - designing for "least astonishment" can help)
176 - limited attack surface (the set of the
179 - input validation with whitelists (inputs should typically be checked
181 validation should use whitelists (which only accept known-good
182 values), not blacklists (which attempt to list known-bad values)).
205 injection, OS injection, classic buffer overflow, cross-site
211 mitigate linear stack/heap buffer overflows, non-linear out-of-bounds writes,
212 integer overflows, and other integer issues. The follow-on class, `OST2_1002`_,
213 covers uninitialized data access, race conditions, use-after-free, type confusion,
221 .. _OWASP Top 10: https://owasp.org/www-project-top-ten/
249 Issues and Bug Tracking
252 The Zephyr project shall have an issue tracking system (such as GitHub_)
258 Because security issues are often sensitive, this issue tracking
266 duration, with a default being a project-decided value. However,
268 project itself, it may be necessary to increase this embargo time.
269 The time necessary shall be clearly annotated in the issue itself.
273 tracking the fixes, determining if any external parties need to be
288 .. _attack: http://www.theverge.com/2016/10/21/13362354/dyn-dns-ddos-attack-cause-outage-status-exp…