[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
[threadx] Regarding cybersecurity-related information for Eclipse ThreadX
|
Dear Eclipse ThreadX administrator,
I would like to know more about ThreadX's cybersecurity response. Could you please provide me with some information?
1. Are there any documents you can provide regarding the Eclipse ThreadX usage environment (security context, etc.) and defense-in-depth strategy?
2. There is a Microsoft website at the following URL that seems to have information related to the above, but is this information still valid?
https://github.com/MicrosoftDocs/azure-docs/blob/4bfd62a9cd9282db996dd7dbc316faeace2335d7/articles/iot/concepts-eclipse-threadx-security-practices.md
3. ThreadX appears to have obtained Common Criteria EAL4+ certification, so could you provide more information such as the components and versions that are affected?
4. In addition to the above, could you provide any information that can confirm that secure coding was implemented to obtain the certification?
5. In addition to the above, would you be able to provide us with any information that can confirm that static code analysis, etc. was conducted in obtaining the certification?
6. In addition to the above, would you be able to provide us with any information that can confirm that reviews from a security perspective were conducted in obtaining the certification?
7. In addition to the above, would you be able to introduce any other security-related certifications you have received?
Best regards,
--
Yoji Sato
Grape Systems Inc.
