Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[WIP] Add POUF template #3

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

[WIP] Add POUF template #3

Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
1f4e162
Add initial POUF template
mnm678 Jun 18, 2020
87dbe49
Apply suggestions from code review
mnm678 Jul 7, 2020
bf7adac
add some clarifications to the POUF template
mnm678 Jul 7, 2020
7b1a806
clarify full verification
mnm678 Jul 7, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
118 changes: 118 additions & 0 deletions POUF-template.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,118 @@
* POUF:
* Title:
* Version:
* Last-Modified:
* Author:
* Status:
* Uptane Version Implemented:
* Created:

# Abstract

# Protocols

This section describes the protocols used to transmit data in the implementation. At a minimuc, this should answer the following questions:
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

What encoding format is used? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#meta_structures)

Are any files hosted? What protocol is used to transmit hosted files?

## Message Handler Table

What messages are sent by Uptane entities?


| Request | Sender | Receiver | Data | Response | Specification Reference |
| ------- | ------ | -------- | ---- | -------- | ----------------------- |


# Operations
This section includes descriptions of optional features from the standard, as
well as any additional features supported by the implementation. At a minimum,
this should include the following:

Which ECU is used as the primary ECU?
* The primary ECU MAY be the same ECU that communicates with the server (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#rfc.section.5).

What delegation features are supported (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#targets_role_delegations)?
* How does the implementation get a secure source of time?
* Are custom delegated targets roles supported?
* Are terminating delegations supported?
* Are multi-role delegations (TAP 3) supported?

What value is used for the public key identifier? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#common_metadata)

Does the root file support mapping roles to urls (TAP 5)? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#root_meta)
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

Is there any additional or custom metadata included in targets metadata? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#targets_meta, https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#custom-metadata-about-images)
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

How are the filenames for delegations listed? Are wildcards supported? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#delegations_meta)

Does snapshot include the root filename and version number? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#snapshot_meta)
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

How many repositories does the implementation use? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#repo_mapping_meta)

How does the implementation specify repository mapping metadata? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#repo_mapping_meta)

How do ECUs securely access the current time? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#server-repository-implementation-requirements)

Is the image repository interface public? Does it require authentication? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#image-repository)
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

Is the director repository interface public? Does it support encryption? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#director_repository)
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

How does the director repository identify a vehicle? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#directing-installation-of-images-on-vehicles)
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

Does the director repository make any additional checks? What does it do it a check fails? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#directing-installation-of-images-on-vehicles)
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

What additional data about ECUs and vehicles is stored in the inventory database? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#inventory_db_)

Is the ECU key symmetric? Is the same key used for encryption and signing? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#build-time-prerequisite-requirements-for-ecus)

Does the implementation support sending diffs of the vehicle version manifest? If so, how can the director request the full manifest? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#construct_manifest_primary)
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

Do any secondaries not have storage? If so, how will they request images from the primary and should they backup their previous working image? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#send_images_primary)
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

What are the preconditions for installing an image? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#install_image)

Does the primary write version reports to disk? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#create_version_report)
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

Do full verification secondaries check that all metadata from the director and image repositories match? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#full_verification)
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

Does the primary ECU check that the targets metadata from the director repository only contains ECU ids present on the vehicle? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#full_verification)
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

Does the root, snapshot, timestamp, or targets verification process differ from the suggestions in the standard? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#check_root)
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

# Usage

What filesystem is used by the image repository? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#image-repository)
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

What filesystem is used by the director repository? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#director_repository)
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

What database system is used for the inventory database? (https://uptane.github.io/papers/ieee-isto-6100.1.0.0.uptane-standard.html#inventory_db)

How are keys managed?

What steps are taken to initialize the image and directory repositories?
mnm678 marked this conversation as resolved.
Show resolved Hide resolved

Are ECUs registered with a repository? How does this work?

## Data Table

| Location | Data |
| -------- | ---- |
|Primary ECU | |
| Full verification secondary ECU | |
| Partial verification secondary ECU | |
| Director Repository | |
| Image Repository | |
mnm678 marked this conversation as resolved.
Show resolved Hide resolved
| ... | |

# Formats
This section details the data definitions used for files transmitted as part of Uptane. This should include at least the following:
* General metadata format (including signature header)
* Root metadata
* Snapshot metadata
* Timestamp metadata
* Targets metadata, including any custom fields
* Delegated targets metadata, if different than targets metadata
mnm678 marked this conversation as resolved.
Show resolved Hide resolved
* ECU metadata and vehicle version manifest