1########
2Security
3########
4
5.. toctree::
6    :maxdepth: 1
7
8    Threat Models <threat_models/index>
9    Security Advisories <security_advisories/index>
10
11Security Disclosures
12--------------------
13
14Trusted Firmware-M (TF-M) disclose all security vulnerabilities, or are advised
15about, that are relevant to TF-M. TF-M encourage responsible disclosure of
16vulnerabilities and try the best to inform users about all possible issues.
17
18The TF-M vulnerabilities are disclosed as Security Advisories, all of which are
19listed in the `Security Advisories`_ section.
20
21Found a Security Issue?
22-----------------------
23
24Although TF-M try to keep secure, it can only do so with the help of the
25community of developers and security researchers.
26
27.. warning::
28   If any security vulnerability was found, please **do not**
29   report it in the `issue tracker`_ or on the `mailing list`_. Instead, please
30   follow the `Security incident process`_.
31
32One of the goals of this process is to ensure providers of products that use
33TF-M have a chance to consider the implications of the vulnerability and its
34remedy before it is made public. As such, please follow the disclosure plan
35outlined in the `Security Incident Process`_. TF-M do the best to respond and
36fix any issues quickly.
37
38Afterwards, write-up all the findings about the TF-M source code is highly
39encouraged.
40
41Attribution
42-----------
43
44TF-M values researchers and community members who report vulnerabilities and
45TF-M policy is to credit the contributor's name in the published security advisory.
46
47.. _issue tracker: https://github.com/TrustedFirmware-M/trusted-firmware-m/issues
48.. _mailing list: https://lists.trustedfirmware.org/mailman3/lists/tf-m.lists.trustedfirmware.org/
49.. _Security incident process: https://trusted-firmware-docs.readthedocs.io/en/latest/security_center/incident_handling_process.html
50.. _Security Advisories: https://trustedfirmware-m.readthedocs.io/en/latest/security/security_advisories/index.html
51
52
53--------------
54
55*Copyright (c) 2020-2024, Arm Limited. All rights reserved.*
56