doc: add security assessment of the storage SPs
Change the document structure and add a security assessment section.
Add the security assessment of the PSA ITS and PSA PS SPs.
Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Change-Id: I642d39c14d30e6b7c97cfa5bd7f5c69327a2d5f8
diff --git a/docs/project/glossary.rst b/docs/project/glossary.rst
index ec79dbc..053d5a6 100644
--- a/docs/project/glossary.rst
+++ b/docs/project/glossary.rst
@@ -48,7 +48,8 @@
Trusted Execution Environment. An SPE implemented using TrustZone.
TrustZone
- Hardware assisted isolation technology built into arm CPUs. See `TrustZone for Cortex-A`_.
+ Arm :sup:`®` TrustZone :sup:`®` ia a hardware assisted isolation technology built into arm CPUs. See `TrustZone
+ for Cortex-A`_.
SPE
See :term:`Secure Processing Environment`.
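Review bot: typo in the added TrustZone definition, "ia a hardware assisted isolation technology" should read "is a hardware-assisted isolation technology"; on the same line "arm CPUs" should be capitalised as "Arm CPUs" to match the "Arm :sup:`®` TrustZone :sup:`®`" wording introduced here.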
@@ -70,7 +71,7 @@
A Secure Partition which executes a software image in and isolated physical address space.
Logical SP
- A Secure Partition which executes a software image isolated buy without physical address space isolation.
+ A Secure Partition which executes a software image isolated without physical address space isolation.
SPM
See :term:`Secure Partition Manager`.
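Review bot: dropping "buy" leaves the Logical SP definition reading awkwardly; "isolated without physical address space isolation" is clearer as "isolated, but without physical address space isolation". The unchanged Physical SP line just above has a similar slip ("in and isolated physical address space" for "in an isolated physical address space") and could be fixed in the same change.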
@@ -80,10 +81,16 @@
is built from two sub-components the :term:`Secure Partition Manager Dispatcher` and the
:term:`Secure Partition Manager Core`.
+ SPMD
+ See :term:`Secure Partition Manager Dispatcher`.
+
Secure Partition Manager Dispatcher
The SPM component responsible for SPMC initialization boot-time, and forwarding FF-A calls run-time between SPs
and between SPs and the SPMC.
+ SPMC
+ See :term:`Secure Partition Manager Core`.
+
Secure Partition Manager Core
A component responsible for SP initialization and isolation at boot-time, inter partition isolation at run-time,
inter-partition communication at run-time.
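Review bot: the Dispatcher definition sitting between the two added cross-reference entries reads "SPMC initialization boot-time" and "forwarding FF-A calls run-time", which should be "at boot-time" and "at run-time" while this block is being touched; the new SPMD and SPMC entries themselves follow the existing SPE/SPM "See :term:" style, which is fine.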
diff --git a/docs/security/index.rst b/docs/security/index.rst
index aaa1a30..f698f9f 100644
--- a/docs/security/index.rst
+++ b/docs/security/index.rst
@@ -7,6 +7,7 @@
security-model
threat-models/generic-threat-model
+ threat-assessment/index
The security model outlines the foundational security principles of the project. Refer to this section for an overview
of key concepts and the high-level security architecture.
diff --git a/docs/security/threat-assessment/index.rst b/docs/security/threat-assessment/index.rst
new file mode 100644
index 0000000..7114e1a
--- /dev/null
+++ b/docs/security/threat-assessment/index.rst
@@ -0,0 +1,17 @@
+Threat Assessment
+=================
+
+This section captures the threat assessment of the Secure Partitions in the project.
+
+.. toctree::
+ :maxdepth: 1
+ :caption: Secure Partitions
+
+ psa-storage-threat-assessment
+
+
+--------------
+
+*Copyright (c) 2025, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/security/threat-assessment/psa-storage-threat-assessment.rst b/docs/security/threat-assessment/psa-storage-threat-assessment.rst
new file mode 100644
index 0000000..21d563e
--- /dev/null
+++ b/docs/security/threat-assessment/psa-storage-threat-assessment.rst
@@ -0,0 +1,64 @@
+PSA Storage SPs
+===============
+
+This document uses the term `PSA Storage` to refer to PSA Protected Storage SP and PSA Internal Trusted Storage SP.
+From Trusted Services perspective, there are only subtle differences between the two. The two services implement a
+slightly different API, and ITS must not use the PSA Crypto SP for cryptographic operations to avoid circular
+dependency. From security perspective the two SPs are the same.
+
+
+Scope of evaluation
+-------------------
+
+This assessment makes the following assumptions:
+
+ - The PSA Storage service is deployed to a dedicated S-EL0 SP, and its execution context is isolated from other
+ services, using |TRUSTZONE|.
+ - The SP may own the storage HW or it may rely on another service for non-volatile storage (e.g. the Block Storage
+ SP).
+ - No shared storage device will be used. In such a scenario, the shared device will be assigned to another SP which
+ provides a service level API. A good example is the Block Storage SP.
+ - The SP will use the Logging SP, or the FF-A logging API provided by the SPMC.
+
+Assessment Results
+------------------
+
+This section specializes the threats identified in the Generic Threat Model for the storage service where needed.
+Threats not listed here are mitigated as described in the :doc:`/security/threat-models/generic-threat-model`.
+
+ - :ref:`GEN05 <generic_threat_5>` "External devices connected to the system storing sensitive data."
+
+ This threat is in scope if the platform uses an external device as the non-volatile storage for the service. The
+ service must protect data in transit at DF9 and DF11.
+
+ - :ref:`GEN06 <generic_threat_6>` "State of external devices connected to the system might be modified by an attacker."
+
+ This threat is in scope when the platform relies on an external device for non-volatile storage used by the
+ service. To mitigate the risk, the service must implement platform-specific measures to protect the data.
+
+ - :ref:`GEN07 <generic_threat_7>` "Invalid or conflicting access to shared hardware."
+
+ This threat is out of scope due to the scope of evaluation.
+
+ - :ref:`GEN08 <generic_threat_8>` "Unauthenticated access to hardware."
+
+ This threat is out of scope as shared usage of hardware is excluded by the scope of evaluation.
+
+ - :ref:`GEN09 <generic_threat_9>` "Unauthenticated access to sensitive data."
+
+ The PSA Storage SP isolates clients at FF-A level and each FF-A endpoint is isolated to its own namespace.
+
+ If the selected storage backed relies on another service like the Block Storage SP, the backend service must
+ implement access control and client isolation too.
+
+ - :ref:`GEN10 <generic_threat_10>` "Time-of-Check to Time-of-Use (TOCTTOU) attack through shared memory."
+
+ PSA Storage code will not read the input data multiple times and thus this threat is mitigated.
+
+
+
+--------------
+
+*Copyright (c) 2025, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
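Review bot: the GEN10 mitigation is written as a statement about current behaviour ("PSA Storage code will not read the input data multiple times") rather than as the requirement that makes the threat mitigated; suggest phrasing it as a rule the SP must follow (input from client shared memory is copied into an SP-private buffer once, and all validation and use operate on that copy) so reviewers of later changes know what must be preserved. Smaller points in the same file: "storage backed" under GEN09 should be "storage backend"; "From Trusted Services perspective" and "From security perspective" read better as "From the Trusted Services perspective" and "From a security perspective"; the DF9 and DF11 data-flow identifiers under GEN05 are only meaningful with the generic threat model open, so a :doc: or :ref: link next to them would help; "platform-specific measures" under GEN06 would be more useful if it named the properties those measures must provide (integrity and, where needed, confidentiality and rollback protection of the stored data); and please confirm the |TRUSTZONE| substitution used in the scope list is defined in the project's shared rst prolog, since the glossary change in this same patch spells it out inline instead.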