[Suit] Add a user story for multiple image update
David Brown <david.brown@linaro.org> Fri, 29 June 2018 15:04 UTC
Return-Path: <david.brown@linaro.org>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6E12A12F1A6 for <suit@ietfa.amsl.com>; Fri, 29 Jun 2018 08:04:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=linaro.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6uYPAZp0jmKJ for <suit@ietfa.amsl.com>; Fri, 29 Jun 2018 08:04:00 -0700 (PDT)
Received: from mail-io0-x232.google.com (mail-io0-x232.google.com [IPv6:2607:f8b0:4001:c06::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BEA67126CC7 for <suit@ietf.org>; Fri, 29 Jun 2018 08:04:00 -0700 (PDT)
Received: by mail-io0-x232.google.com with SMTP id q19-v6so1376248ioh.11 for <suit@ietf.org>; Fri, 29 Jun 2018 08:04:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=date:from:to:subject:message-id:mime-version:content-disposition :user-agent; bh=Vg1BW48W6b5LmGYDxGTumLa0JhvpZnm0AALo4yi0peQ=; b=VbI2GEY8W9wGSFWGzi3BuPp7PuqpeAadPcfftUisXUMV5I1hoZUiYafnZneG/SYFpS scA8FwDFLdaXDLHvT+OF2chZwWzRC82/KpnKJ9p2NhR0XgnsX2553YULh1AUpDHVq4GC zJoyvHzG83oHi4Pv+99iR5IhUYaFo70ZA7ssE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:mime-version :content-disposition:user-agent; bh=Vg1BW48W6b5LmGYDxGTumLa0JhvpZnm0AALo4yi0peQ=; b=jZvYFUPkWSjtyCdf/wFxrIEQln7L5p8yQAMoe5V2lhj6uQkKRxt58yQmVxt78P7jHy LRyFxUIP65z+4vMnLG/CxjFOiDnTTAQNFG5+wSqYIZbKXKDrr6BX1XY5pkkLn3RelKhb Px34q4FtsC3PhMQgSbs7PflRCyxSN6RCCZauYnL8NMLaHzzj4C1pd6b8Gp7IatUEHRYR urrPKlu3eEY5HvjrIfoDrvcfk94X5uvWA8AiQgQkEAXPLGNExEOXp08ab6Bt0HhgINa4 2lcJ0Rq5Qc4gzvKRnQRhLmdUCxmSSUz0soD5GpU2JTDmE5QWcks0lLnmYzuH4eczxh7w OXqw==
X-Gm-Message-State: APt69E0B+tNZy+GprQN6L6aE020nKBYwNs9uKR94QamMzb/jylta+7b5 9Iy2BJHI/okFA+jw9cSk+0wKrpyhjVI=
X-Google-Smtp-Source: AAOMgpfdud3DoRhyz8zNgDNA6WmcmoVYpJSZa1pFq9a0ygGJ5QIu2kAtYOLX1Zh6QzPCvSSNQPR1Bw==
X-Received: by 2002:a6b:1d2:: with SMTP id 201-v6mr2558705iob.140.1530284639745; Fri, 29 Jun 2018 08:03:59 -0700 (PDT)
Received: from davidb.org ([2601:283:4300:987c::9]) by smtp.gmail.com with ESMTPSA id a26-v6sm4398275ioh.51.2018.06.29.08.03.58 for <suit@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 29 Jun 2018 08:03:59 -0700 (PDT)
Date: Fri, 29 Jun 2018 09:03:57 -0600
From: David Brown <david.brown@linaro.org>
To: suit <suit@ietf.org>
Message-ID: <20180629150357.GA4926@davidb.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Disposition: inline
User-Agent: Mutt/1.9.4 (2018-02-28)
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/j8Q-b4VrC4tYzcQ1ZpsJlG8m8n0>
Subject: [Suit] Add a user story for multiple image update
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Jun 2018 15:04:03 -0000
--- I'd like to propose this change to the information model to include support for multiple image support. I'm not sure that MFSR4 satisfies this requirement, or we will need another security model and/or threat to cover this case. The situation on these devices is that there are multiple firmware images, such as for a secure processor and an application processor. Sometimes, these images can be upgraded independently, but we also need to be able to capture when both must be upgraded together, atomically. This also applies to situations such as Arm's Trust Zone M, where a single CPU is partitioned into a secure and a non-secure domain. draft-ietf-suit-information-model.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/draft-ietf-suit-information-model.md b/draft-ietf-suit-information-model.md index d534c97..7cd8410 100644 --- a/draft-ietf-suit-information-model.md +++ b/draft-ietf-suit-information-model.md @@ -332,6 +332,12 @@ As an OEM or developer for IoT devices, I want to protect the IP contained in th Satisfied by: MFSR7 +### Use Case MFCU7: Multiple Images + +As an OEM or developer for IoT devices containing either multiple CPUs, or a single CPU with multiple security domains, I want to be able to update these multiple firmware images either independently, or require that both be updated together, atomically, depending on the needs of the particular update. + +Satistfied by: ??? + ## Usability Requirements The following usability requirements satisfy the user stories listed above. -- 2.16.4