Cross-check security requirements with other industry initiatives (Arm BBRS)

[andreiw]

Do we consider these part of the BRS-I or should this be a separate document like BBRS?

[adurbin-rivos]

What security aspects are you thinking should be covered?

[andreiw]

To paraphrase the Arm BBRS (https://developer.arm.com/documentation/den0107/latest/)

Platform requirements for BRS-based systems that enable standard, suitably built
operating systems to seamlessly use standard security interfaces. These interfaces include the following security
related functionality:
• UEFI authenticated variables
• UEFI secure boot
• UEFI secure firmware update using Update Capsules
• TPMs and measured boot

The Arm BBRS also covers platform reset attacks, and implementation guidelines (which they refer to as a checklist)

Maybe don't have to overthink this and it can be first defined under a server platform spec and then factored out. Or it could be an optional addendum to BRS.

Thoughts?

[andreiw]

Need to revisit this, esp wrt #136 and #135