feat: full safety and cyber pack — TARA, FMEA, SAS, boundary, safety manual, IEC 62443, CI hardening #2
Merged
…manual, IEC 62443, CI hardening

- Add TARA.md + tara.json: 7 threats (THREAT-01..07), CVSS scores, 8 security controls, attack tree, residual risk acceptance — ISO/SAE 21434 + IEC 62443-4-1 SL-2
- Add SAFETY_MANUAL.md: safe API patterns, anti-patterns, thread safety matrix, memory budget, shutdown sequencing — ISO 26262-6 §7 / Part 10 §9 SEooC
- Add SECURITY.md + INCIDENT-RESPONSE.md: coordinated disclosure, ASIL impact assessment, ISN process — ISO/SAE 21434 §7.4, IEC 62443-4-1 SM-2
- Add boundary.mermaid: ISO 26262-6 §7.4.1 software architecture boundary diagram with all 9 modules, data flows, and ASIL annotations
- Add sas.md: Software Architecture Specification with module responsibilities, invariants, public interfaces, data flow, memory safety strategy
- Add fmea.json: 14 FMEA entries linked to HARA hazards H-01..H-05, severity/occurrence/detection ratings, all Closed — ISO 26262-9
- Expand .fusa-iec62443.json: 5-line stub → 19 security requirements (SR-IAC, SR-UC, SR-SI, SR-DC, SR-RDF, SR-TR, SR-RA, SR-SM, SR-SD, SR-SV) with IEC 62443-4-1/4-2 standard references and evidence links
- Add REQ-RELAY-001..029,051,056,059 to .fusa-reqs.json: 32 new requirements closing orphan fusa:req annotations in relay.hpp/relay.cpp — full traceability
- CI: remove || true from cpfusa lint and cpfusa cyber (now hard gates)
- CI: add ThreadSanitizer job (REQ-VIRT-018 concurrent access gate)
- CI: add TARA.md, SAFETY_MANUAL.md, INCIDENT-RESPONSE.md, SECURITY.md to ASIL-B evidence artifact upload
- src/lin.cpp: REQ-ADAPT-001..005 annotations + send() range-check fix
- tests/test_relay_adapter.cpp: REQ-ADAPT-001..005 full coverage + 5 new tests

Signed-off-by: Matt Jones <matt@jellybaby.com>
Signed-off-by: Matt Jones <47545907+SoundMatt@users.noreply.github.com>
Summary
- TARA.md + tara.json
- fmea.json
- sas.md
- boundary.mermaid
- SAFETY_MANUAL.md
- INCIDENT-RESPONSE.md, SECURITY.md
- .fusa-iec62443.json from 5-line stub to 19 security requirements with standard references and evidence
- .fusa-reqs.json — closes all orphan fusa:req annotations in relay.hpp/relay.cpp
- cpfusa lint and cpfusa cyber are now hard gates (no || true); ThreadSanitizer job added for REQ-VIRT-018; all new docs added to ASIL-B evidence artifact upload

Test plan

- cpfusa lint (now hard gate) passes
- cpfusa cyber (now hard gate) passes
- cpfusa qualify ASIL-B gate passes
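The CI hardening item in this PR (dropping `|| true` from the `cpfusa lint` and `cpfusa cyber` steps) comes down to exit-status propagation: a step whose command ends in `|| true` can never fail, so the gate it runs is decorative. The following is an added illustration and is not the project's CI configuration or the `cpfusa` tool itself. `fake_gate` is a constructed, hypothetical stand-in that exits with whatever status it is given; `masked_gate` is the pattern the PR removes, `hard_gate` is the pattern it keeps, and `run_gates` shows how a sequence of hard gates stops at the first failure instead of letting a later green step paper over it.

```shell
#!/bin/sh
# Added example, not the project's CI: shows why `cmd || true` hides a failing
# gate and how a hard gate propagates the tool's exit status to the CI step.

# Constructed stand-in for `cpfusa lint` / `cpfusa cyber` (hypothetical):
# exits with the status passed as its first argument.
fake_gate() {
    return "$1"
}

# The pattern the PR removes: `|| true` rewrites any failure as success,
# so the CI step is green even when the gate reported violations.
masked_gate() {
    fake_gate "$1" || true
}

# Hard gate: the step's exit status is exactly the gate's exit status.
hard_gate() {
    fake_gate "$1"
}

# A pipeline of hard gates: the first failing gate aborts the run and its
# status becomes the run's status, so later passing gates cannot mask it.
run_gates() {
    for rc in "$@"; do
        hard_gate "$rc" || return $?
    done
    return 0
}

# Print a gate function's exit status on stdout; the `if` keeps a failing
# gate from aborting the script when `set -e` is active.
observe() {
    if "$@"; then
        echo 0
    else
        echo $?
    fi
}

observe masked_gate 1    # prints 0: the failure is hidden
observe hard_gate 1      # prints 1: the failure surfaces
observe run_gates 0 1 0  # prints 1: the run stops at the failing gate
```

In a CI step the same rule applies to any trailing `|| true`, `|| :` or `; true`, and to wrapping the tool in a shell that swallows the status: the job's verdict must be the last command's real exit code, or the gate provides no evidence for the ASIL-B artifact it feeds.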