This is the documentation for the latest (main) development branch of Zephyr. If you are looking for the documentation of previous releases, use the drop-down menu on the left and select the desired version.

Security Document Citations

SALT75

J. H. Saltzer and M. D. Schroeder, “The protection of information in computer systems,” Proceedings ofthe IEEE, vol. 63, no. 9, pp. 1278-1308, Sep 1975. [Online]. Available: http://web.mit.edu/Saltzer/www/publications/protection/.

PAUL09

M. Paul, “The Ten Best Practices for Secure Software Development,” International Information Systems Security Certification Consortium, Inc. [(ISC)2®], Palm Harbor, FL, USA, 2009.

MS12

Microsoft Corporation, Security Development Lifecycle - SDL Process Guidance Version 5.2,2012.

CCITSE12

Common Criteria for Information Technology Security Evaluation ver. 3.1 rev. 4, 2012.

MICR16

Micrium, “Certification Kits,” 2016. [Online]. Available: https://www.micrium.com/certification/certification-kits/.

NIST02

National Institute of Standards and Technology, FIPS PUB 140-2: Security Requirements for COMPANY PUBLIC Application note Cryptographic Modules, Gaithersburg, 2002.

GHS10

Green Hills Software, “INTEGRITY-178B Separation Kernel Security Target v4.2,” 2010.

RFC2119

Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels”, BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997. [Online]. Available: https://www.rfc-editor.org/info/rfc2119.

STRIDE09

Microsoft Corporation, “The STRIDE Threat Model, 2009”. [Online]. Available: https://msdn.microsoft.com/en-us/library/ee823878%28v=cs.20%29.aspx.

CVSS

Forum of Incident Response and Security Teams, “Common Vulnerability Scoring System v3.0: Specification Document”. [Online]. Available: https://www.first.org/cvss/specification-document.

OWASP

Open Web Application Security Project, “Application Threat Modeling”. [Online]. Available: https://www.owasp.org/index.php/Application_Threat_Modeling.

CIIBPB

Core Infrastructure Initiative Best Practices Badge. [Online]. Available: https://github.com/linuxfoundation/cii-best-practices-badge