docs: Reorganize security pages
Change the page structure and make place for the future threat
assessment section.
Remove references to structured threat models.
Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Change-Id: Ia8253ceb2b6329ed153626942990595fa666d2fd
diff --git a/docs/security/index.rst b/docs/security/index.rst
index 513c3fd..aaa1a30 100644
--- a/docs/security/index.rst
+++ b/docs/security/index.rst
@@ -1,20 +1,22 @@
-Security Model
-==============
+Security
+========
.. toctree::
:maxdepth: 1
:caption: Contents:
- self
- threat-model
+ security-model
+ threat-models/generic-threat-model
-The security model of Trusted Services build on the `Platform Security Model`_ v1.1 beta. For a concept level overview
-please refer to this document.
+The security model outlines the foundational security principles of the project. Refer to this section for an overview
+of key concepts and the high-level security architecture.
+
+Threat models support the understanding of security requirements, potential threats, and vulnerabilities. They also aid
+in evaluating the security posture of a Trusted Service. Consult these sections for detailed, service-specific security
+information.
--------------
-.. _`Platform Security Model`: https://developer.arm.com/documentation/den0128/1-1/?lang=en
-
-*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2025, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/security/security-model.rst b/docs/security/security-model.rst
new file mode 100644
index 0000000..12009ca
--- /dev/null
+++ b/docs/security/security-model.rst
@@ -0,0 +1,13 @@
+Security Model
+==============
+
+The security model of Trusted Services builds on the `Platform Security Model`_ v1.1 REL0. For a concept level overview
+please refer to this document.
+
+--------------
+
+.. _`Platform Security Model`: https://developer.arm.com/documentation/den0128/0101b
+
+*Copyright (c) 2020-2025, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/security/generic-data-flow.graphml b/docs/security/threat-models/generic-data-flow.graphml
similarity index 100%
rename from docs/security/generic-data-flow.graphml
rename to docs/security/threat-models/generic-data-flow.graphml
diff --git a/docs/security/generic-data-flow.svg b/docs/security/threat-models/generic-data-flow.svg
similarity index 100%
rename from docs/security/generic-data-flow.svg
rename to docs/security/threat-models/generic-data-flow.svg
diff --git a/docs/security/threat-model.rst b/docs/security/threat-models/generic-threat-model.rst
similarity index 97%
rename from docs/security/threat-model.rst
rename to docs/security/threat-models/generic-threat-model.rst
index 3bd9dd0..5f2a73f 100644
--- a/docs/security/threat-model.rst
+++ b/docs/security/threat-models/generic-threat-model.rst
@@ -1,11 +1,11 @@
Generic Threat Model
====================
-Threat modeling is a process to identify security requirements, pinpoint security threats and potential vulnerabilities,
-quantify threat and vulnerability criticality and prioritize remediation methods.
+The Generic Threat Model discusses an abstract physical Secure Partition and captures service independent security
+related information like assets, threats, and mitigations.
-In the next sections you can find the output of this process the for a generic, use-case and service independent
-assessment.
+This model serves as the foundation for assessing the security of any specific deployment involving one or more Trusted
+Services.
Target evaluation
-----------------
@@ -434,6 +434,6 @@
.. _`STRIDE threat analysis technique`: https://docs.microsoft.com/en-us/azure/security/develop/threat-modeling-tool-threats#stride-model
.. _yEd: https://www.yworks.com/products/yed
-*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2022-2025, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause