Submit Application Runtime security evidence for review
The team has completed all the outstanding items that have been considered as part of the "evidencing security" topic for the application runtime. These are collected in https://github.com/digital-asset/daml/issues/13131.
The final step to consider the work done is to submit the output of the work to @nycnewman for him to review. The application runtime security evidence is now available alongside the one for the language as part of this document (the link hard-codes a specific commit to make sure it will be valid in the future given the context of this message).
Some further considerations:
- This is an ongoing activity that will never complete. (A complete set of tests will never exist)
- Over time we will add more security tests, ensuring that we test both positive and negative outcomes, as well as malicious intent. Tests will be annotated and included in the https://github.com/digital-asset/daml/blob/main/security-evidence.md to provide evidence of the tests that we have and what they test.
- @nycnewman is going to look into possibly standardizing a set of categories to annotate tests with, keeping room for categories that are specific to certain areas.
We must add security test evidence in the released artifacts, similar to test-evidence.zip in https://github.com/digital-asset/daml/releases/tag/v2.2.0, which captures that we have run these security tests as part of builds towards a specific release: https://github.com/digital-asset/daml/issues/13936
- Maybe move to scalatest style annotations (lib scala test evidence)?
- Single threat model, base test evidence on that?
- Where is the test evidence published?
https://docs.google.com/document/d/1U1YKEKDkImbs7te7CmXgnUnnKzTmkwY7x2GR8xkl--4/edit# defines DoD
The information in this issue is outdated, please see https://github.com/digital-asset/daml/issues/14254 which supersedes this issue.