Thank you to everyone who has volunteered on this project! Below are some notes from the most recent meeting focused on outlining the document and assigning authors to sections.
- Discussions
- Previous call listed out some controls that improve security and quality of the research together.
- Controls listed aren't exhaustive - want to focus on core or representative examples, additional security controls are welcome!
- Want to keep document inline with NIST architecture
- Proposed moving the architecture description higher up in the document to improve flow
- Link to document: https://docs.google.com/document/d/1GZAuFf8kHlynSiZB8VLpvOFQd6lxN5AA/edit
- Writing instructions
- Utilize the input validation section as an outline for the sections. Chris will also work on providing another example
- Before the next call (Nov 14), attempt to write your sections.
- Complete sections will be reviewed on the call
- Incomplete sections will discuss any roadblocks, concerns, and assistance that may be needed
- Sections claimed
- Vulnerability Management
- Enclave
- Zero Trust
- Message Passing controls
- Architecture Description
- Sections unclaimed:
- Document overview sections
- Security controls - reach out to Chris or Hillary if you'd like to volunteer for these sections
- Error Handling
- Escaping
- Update Mechanisms
- Validation of Libraries
- Memory safety control (OpenMP)
- Logging
------------------------------
Hillary Baron
Sr Technical Director
CSA
------------------------------