-
Notifications
You must be signed in to change notification settings - Fork 2
BSL ERR Requirements
ckrup edited this page Jan 16, 2025
·
2 revisions
| Rqmt ID | Title | Description | Rationale | Verification |
|---|---|---|---|---|
| BSL-ERR-1-0 | Security Operation Result | The BSL shall indicate to the BPA the result (e.g. success, failure, or error) of each attempted security operation. | The BPA may keep its own statistics and processing separate from the processing actions provided by the BSL. | Test |
| BSL-ERR-1-1 | Verification of Security Operations | The BSL shall verify the security operations of a security block for which the BPA is the Security Verifier as defined in RFC 9172. | Define verification in terms of a security operation. | Test |
| BSL-ERR-1-2 | Verification Security Blocks Are Present | The BSL shall verify that every security block required by security policy at the current node is present in the bundle. | BSL will request specific data about the bundle from BPA. | Test |
| BSL-ERR-1-3 | Designation of Block of Unintelligible | The BSL shall have the ability to inform the BPA that a block is unintelligible using Reason Code 8 as defined in RFC 9171. | The BPA will act upon information about bad block processing. | Test |
| BSL-ERR-2-0 | Reporting Metrics and Telemetry | The BSL shall collect metrics indicating health and performance. | It is important to get internal performance metrics, such as error counts, running averages, as well as others to characterize health and performance bottlenecks. The BSL’s telemetry delivery mechanism should be library agnostic. These metrics can be used to inform both real-time and post-hoc remediation and troubleshooting. | Test |
| BSL-ERR-2-1 | Logging Runtime Behavior | The BSL shall write diagnostic information to a configurable logging system. | Important resource for diagnosing problems. The BSL should use a wrapper for its logging calls, which can be set to a specific logger in the interface code. The BSL should log in a manner that is library-agnostic. | Test |
| BSL-ERR-3-0 | Error and Failure Handling | The BSL shall establish abort procedures to recover from security operation failures. | Safely cleaning up resources when security processing fails. This is separate from processing actions relating to handling security operation failures. This requirement is meant to ensure that host-provided applications and the library itself maintain sane configuration and status when errors occur. | Test |
| BSL-ERR-3-1 | Interface Errors | The BSL shall report on the failure of any interface to perform a requested operation. | For example, if the BSL requests that a BPA delete a block from a bundle, and the BPA fails to perform that request. | Test |
| BSL-ERR-3-2 | Process Abort | The BSL shall cease processing related security operations when there is a processing error associated with those operations. | Upon failure of a part of a security processing chain, the remainder of the security processing chain should not be attempted. | Test |
| BSL-ERR-4-0 | Test Framework | The BSL shall implement fault-injection interfaces. | The BSL should exercise error/failure handling as part of routine builds and deliveries. Fault injection interfaces are typically conditionally compiled into the library and not enabled for operational use. | Test |