From: Matthias Kruk Date: Fri, 4 Sep 2020 15:50:31 +0000 (+0900) Subject: doc/man: Add high-level overview of the CDL process X-Git-Url: https://git.corax.cc/?a=commitdiff_plain;h=refs%2Fheads%2Fcdl;p=corax doc/man: Add high-level overview of the CDL process --- diff --git a/doc/man/cdl.0 b/doc/man/cdl.0 new file mode 100644 index 0000000..dbbec5a --- /dev/null +++ b/doc/man/cdl.0 @@ -0,0 +1,68 @@ +.TH CDL 0 2020-09-04 "0.1" "The Corax Programming Environment" + +.SH INTRODUCTION + +The Corax Development Lifecycle is a security-focused software development process aimed at +losely-structured projects such as free software projects. The purpose of this process is to +improve the security posture of the project by emphasizing security activities such as threat +modelling and risk analysis, and by mandating security documentation that allows users and +developers to understand the security properties of the project. + + +.SH THE PROCESS + +The CDL process attempts to consider the needs of agile software development through a recursive +approach. At the highest level, the process is subdivided into three parts. The first part is the +project inception, during which roles and responsibilities are assigned to key people, and the +purpose of the project is defined. + +.PS +move right 1.0 +down +box "Project" "definition" width 1.2 +arrow +D0: box "High-level" "design" width 1.2 +arrow +box "Implementation" width 1.2 +arrow +box "Verification" width 1.2 +arrow +box "Release" width 1.2 +arrow +box "Incident response" width 1.2 + +arrow from D0.e up 0.1 right 0.6 dashed +DD0: box "" width 1.2 dashed +down +arrow at DD0.s dashed +box "" width 1.2 dashed +arrow dashed +VV0: box "" width 1.2 dashed +arrow from VV0.w to D0.e dashed + +arrow from DD0.e right dashed +DD1: box "" width 1.2 dashed +down +arrow at DD1.s dashed +box "" width 1.2 dashed +arrow dashed +VV1: box "" width 1.2 dashed +arrow from VV1.w to DD0.e dashed + +arrow right at D0.e +D1: box "Component" "design" width 1.2 fill 0.1 +down +arrow at D1.s +box "Implementation" width 1.2 fill 0.1 +arrow +V1: box "Verification" width 1.2 fill 0.1 +arrow from V1.w to D0.e +arrow right at D1.e +D2: box "Sub-component" "design" width 1.2 fill 0.1 +down +arrow at D2.s +box "Implementation" width 1.2 fill 0.1 +arrow +V2: box "Verification" width 1.2 fill 0.1 +arrow from V2.w to D1.e +.PE