threat model: Add scope section and update the trusted boundary

This patch adds a scope section to the document and clarifies the trusted boundary in the diagram. Signed-off-by: Tarek El-Sherbiny <[email protected]>
ARM-software · Jul 9, 2024 · d0a77d7 · d0a77d7
1 parent 032aed5
commit d0a77d7
Show file tree

Hide file tree

Showing 3 changed files with 50 additions and 74 deletions.
diff --git a/doc/scp_firmware_threat_model.md b/doc/scp_firmware_threat_model.md
@@ -17,17 +17,18 @@ privileges to configure and control the access rights of other agents in the
 system. PSCI agent generally is the trusted agent. The platform is responsible
 for securing the privileged agent.
 
+## Scope
+
+The SCP Firmware provides system SCMI agents like OSPM and PSCI control over
+hardware resources such as power domain gating, voltage supplies, clocks,
+sensors and counters. The scope of the threat model assets are the SCMI
+resources including devices and protocols. The trust boundary is between the
+SCMI Agents and the Firmware.
 
 ## SCP-Firmware Data Flow Diagrams
 
 ![SCP Firmware Data Flow Diagram](threat_model/Threat_model.drawio.svg)
 
-The SCP Firmware provides system agents like OSPM, PSCI, MCP, LCP, and RSS
-control over hardware resources such as power domain gating, voltage supplies,
-clocks, sensors and counters. The scope of the threat model assets are the SCMI
-resources including devices and protocols. The trust boundary is between the
-SCMI Agents and the SCP.
-
 ## Assumptions
 
 Agents send requests over a private transport channel. A typical channel is a

diff --git a/doc/threat_model/Threat_model.drawio.svg b/doc/threat_model/Threat_model.drawio.svg