doc/security/security-citations.rst - third_party/github/zephyrproject-rtos/zephyr - Git at Google

 :orphan:

 .. _security-citations:

 Security Document Citations
 ###########################

 .. [SALT75] J. H. Saltzer and M. D. Schroeder, "The protection of
    information in computer systems," Proceedings of the IEEE, vol. 63, no.
    9, pp. 1278-1308, Sep 1975. [Online].
    Available: http://web.mit.edu/Saltzer/www/publications/protection/.

 .. [PAUL09] M. Paul, "The Ten Best Practices for Secure Software
    Development," International Information Systems Security Certification
    Consortium, Inc. [(ISC)2 |reg|], Palm Harbor, FL, USA, 2009.

 .. [MS12] Microsoft Corporation, Security Development Lifecycle - SDL
    Process Guidance Version 5.2,2012.

 .. [CCITSE12] Common Criteria for Information Technology Security
    Evaluation ver. 3.1 rev. 4, 2012.

 .. [MICR16] Micrium, "Certification Kits," 2016. [Online]. Available:
    https://www.micrium.com/certification/certification-kits/.

 .. [NIST02] National Institute of Standards and Technology, FIPS PUB 140-2:
    Security Requirements for COMPANY PUBLIC Application note Cryptographic
    Modules, Gaithersburg, 2002.

 .. [GHS10] Green Hills Software, "INTEGRITY-178B Separation Kernel Security
    Target v4.2," 2010.

 .. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels",
    BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997. [Online]. Available:
    https://www.rfc-editor.org/info/rfc2119.

 .. [STRIDE09] Microsoft Corporation, "The STRIDE Threat Model, 2009". [Online].
    Available: https://msdn.microsoft.com/en-us/library/ee823878%28v=cs.20%29.aspx.

 .. [CVSS] Forum of Incident Response and Security Teams,
    "Common Vulnerability Scoring System v3.0: Specification Document". [Online].
    Available: https://www.first.org/cvss/specification-document.

 .. [OWASP] Open Web Application Security Project,
    "Application Threat Modeling". [Online].
    Available: https://www.owasp.org/index.php/Application_Threat_Modeling.

 .. [CIIBPB] Core Infrastructure Initiative Best Practices Badge. [Online].
    Available: https://github.com/linuxfoundation/cii-best-practices-badge
	:orphan:

	.. _security-citations:

	Security Document Citations
	###########################

	.. [SALT75] J. H. Saltzer and M. D. Schroeder, "The protection of
	information in computer systems," Proceedings of the IEEE, vol. 63, no.
	9, pp. 1278-1308, Sep 1975. [Online].
	Available: http://web.mit.edu/Saltzer/www/publications/protection/.

	.. [PAUL09] M. Paul, "The Ten Best Practices for Secure Software
	Development," International Information Systems Security Certification
	Consortium, Inc. [(ISC)2 \|reg\|], Palm Harbor, FL, USA, 2009.

	.. [MS12] Microsoft Corporation, Security Development Lifecycle - SDL
	Process Guidance Version 5.2,2012.

	.. [CCITSE12] Common Criteria for Information Technology Security
	Evaluation ver. 3.1 rev. 4, 2012.

	.. [MICR16] Micrium, "Certification Kits," 2016. [Online]. Available:
	https://www.micrium.com/certification/certification-kits/.

	.. [NIST02] National Institute of Standards and Technology, FIPS PUB 140-2:
	Security Requirements for COMPANY PUBLIC Application note Cryptographic
	Modules, Gaithersburg, 2002.

	.. [GHS10] Green Hills Software, "INTEGRITY-178B Separation Kernel Security
	Target v4.2," 2010.

	.. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels",
	BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997. [Online]. Available:
	https://www.rfc-editor.org/info/rfc2119.

	.. [STRIDE09] Microsoft Corporation, "The STRIDE Threat Model, 2009". [Online].
	Available: https://msdn.microsoft.com/en-us/library/ee823878%28v=cs.20%29.aspx.

	.. [CVSS] Forum of Incident Response and Security Teams,
	"Common Vulnerability Scoring System v3.0: Specification Document". [Online].
	Available: https://www.first.org/cvss/specification-document.

	.. [OWASP] Open Web Application Security Project,
	"Application Threat Modeling". [Online].
	Available: https://www.owasp.org/index.php/Application_Threat_Modeling.

	.. [CIIBPB] Core Infrastructure Initiative Best Practices Badge. [Online].
	Available: https://github.com/linuxfoundation/cii-best-practices-badge