gps-denied-onboard/_docs/05_security/owasp_review.md
Oleksandr Bezdieniezhnykh ee6606a9c2 [AZ-243] Record security audit
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-07 03:40:36 +03:00


# OWASP Top 10 Review
**Date**: 2026-05-07
**Reference**: OWASP Top 10:2021, the current official list at the time of review, from <https://owasp.org/www-project-top-ten/>
**Result**: PASS_WITH_WARNINGS
## Assessment
| OWASP Category | Status | Findings / Notes |
|----------------|--------|------------------|
| A01: Broken Access Control | PASS | No web/API authorization surface is implemented in the current runtime code. MAVLink source/system ID and cache trust boundaries are represented in architecture/tests. |
| A02: Cryptographic Failures | PASS_WITH_WARNINGS | No weak crypto or secret leakage found in source. Cache signature checks compare against trusted signature hashes, but how the production verification key is provisioned, stored and rotated remains a deployment concern. |
| A03: Injection | PASS | No SQL construction, shell execution, dynamic code execution, or template rendering paths were found in source. |
| A04: Insecure Design | PASS_WITH_WARNINGS | `S1`: local VPR descriptor package loading lacks a resource-exhaustion guard (design gap: an oversized or malformed package can exhaust memory or processing time). |
| A05: Security Misconfiguration | PASS_WITH_WARNINGS | `S2` covers default development database credentials and broad host port exposure in `docker-compose.yml`. |
| A06: Vulnerable and Outdated Components | PASS | `pip-audit` reported no known vulnerabilities for the project dependency set. |
| A07: Identification and Authentication Failures | NOT_APPLICABLE | No user/session authentication surface is implemented in this package. |
| A08: Software and Data Integrity Failures | PASS_WITH_WARNINGS | Cache metadata validation is implemented, but CI currently runs only the test suite and compose validation; dependency audit (`pip-audit`), secret scanning and SAST are not yet CI gates. |
| A09: Security Logging and Monitoring Failures | PASS | Architecture and tests require FDR/QGC visibility for cache rejection, spoofing, blackout, and health events. |
| A10: Server-Side Request Forgery | NOT_APPLICABLE | No HTTP client, URL-fetching, or server-side request surface was found in runtime source. |
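
The A01 and A09 rows rely on MAVLink source filtering and on rejections being visible to FDR/QGC. The following is an added illustration, not the project's code: a source filter that accepts frames only from configured (system ID, component ID) pairs, drops exact sequence-counter repeats as replays, flags a backwards-running counter on a trusted ID as a possible second emitter, and records each of those as a structured event. The trusted IDs (autopilot 1/1, GCS 255/190), the `Frame` shape and the sequence heuristic are assumptions for the example.

```python
"""Added example, not the project's code: an inbound MAVLink source filter that
accepts frames only from configured (system_id, component_id) pairs and records
every rejection or anomaly as a structured event for FDR/QGC. The trusted IDs,
the Frame shape and the sequence heuristic are illustrative assumptions."""
from dataclasses import dataclass, field

# Assumed deployment config: the autopilot is sysid 1 / compid 1, the GCS 255 / 190.
TRUSTED_SOURCES = {(1, 1): "autopilot", (255, 190): "gcs"}


@dataclass(frozen=True)
class Frame:
    sysid: int
    compid: int
    seq: int   # MAVLink per-packet sequence counter, 8-bit, wraps at 256
    msg: str   # message name, e.g. "GPS_INPUT"


@dataclass
class SourceFilter:
    trusted: dict = field(default_factory=lambda: dict(TRUSTED_SOURCES))
    last_seq: dict = field(default_factory=dict)
    events: list = field(default_factory=list)   # what gets surfaced to FDR/QGC

    def _event(self, kind, frame, note=""):
        self.events.append({"event": kind,
                            "src": self.trusted.get((frame.sysid, frame.compid), "unknown"),
                            "sysid": frame.sysid, "compid": frame.compid,
                            "seq": frame.seq, "msg": frame.msg, "note": note})

    def accept(self, frame):
        """Return a decision string; anything that does not start with ACCEPT is dropped."""
        src = (frame.sysid, frame.compid)
        if src not in self.trusted:
            self._event("MAV_SRC_UNAUTHORIZED", frame)
            return "DROP_UNAUTHORIZED"
        prev = self.last_seq.get(src)
        self.last_seq[src] = frame.seq
        if prev is None:
            return "ACCEPT"
        gap = (frame.seq - prev) % 256
        if gap == 0:
            # Same counter value twice in a row from a trusted ID: replayed or duplicated
            # frame (a legitimate repeat would need exactly 256 lost packets in between).
            self._event("MAV_SEQ_REPLAY", frame, f"prev={prev}")
            return "DROP_REPLAY"
        if gap > 200:
            # Counter ran backwards: a second emitter using this trusted ID is one
            # explanation, a link reset is another, so the frame is kept but the
            # event is logged for the FDR (heuristic threshold, assumed).
            self._event("MAV_SEQ_ANOMALY", frame, f"prev={prev}")
            return "ACCEPT_SEQ_ANOMALY"
        return "ACCEPT"


def demo():
    """Feed a constructed frame sequence through the filter; return decisions and events."""
    flt = SourceFilter()
    frames = [
        Frame(1, 1, 10, "HEARTBEAT"),
        Frame(1, 1, 11, "GPS_RAW_INT"),
        Frame(42, 1, 5, "GPS_INPUT"),       # unknown system trying to inject a position
        Frame(1, 1, 11, "GPS_RAW_INT"),     # exact repeat of seq 11
        Frame(1, 1, 3, "HEARTBEAT"),        # counter jumped backwards on a trusted ID
        Frame(255, 190, 0, "COMMAND_LONG"),
    ]
    return [flt.accept(f) for f in frames], flt.events
```

In a real link handler the `events` list would be forwarded to the flight data recorder and to QGC as STATUSTEXT or an equivalent channel; the point of keeping the decision and the event separate is that a dropped frame is never silently dropped.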
## OWASP Notes
- The current package is primarily an onboard runtime and replay harness, not a web application. Several OWASP categories are therefore assessed through local trust boundaries: cache package integrity, MAVLink source filtering, runtime configuration, and generated-tile promotion.
- The strongest security controls already represented in code/docs are no in-flight satellite-provider calls, cache manifest/hash checks, spoofed/unauthorized MAVLink rejection tests, and FDR-visible security events.
- Remaining warnings are hardening items rather than exploitable remote vulnerabilities in the current code shape.
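
The cache manifest/hash checks listed above, together with the `S1` resource-exhaustion gap and the A02 key-handling warning, come together in one validation path. The block below is an added example, not the project's own cache code: it verifies a signed manifest before trusting anything in it, budgets declared sizes before opening any file, and streams each file with an abort if it exceeds its declared length, returning a short reason code of the kind an FDR/QGC event would carry. The package layout (`manifest.json` with per-file sha256 and size, `manifest.sig` holding a hex HMAC-SHA256 over the manifest bytes under a deploy-time key), the size caps and the reason-code names are assumptions for the example.

```python
"""Added example, not the project's code: fail-closed validation of a local cache
package before any file in it is loaded. The layout (manifest.json + manifest.sig
as an HMAC-SHA256 over the manifest bytes) and the caps are assumptions."""
import hashlib, hmac, json, os, tempfile
from dataclasses import dataclass

MAX_FILE_BYTES = 64 * 1024 * 1024      # per-file cap (assumed value)
MAX_PACKAGE_BYTES = 512 * 1024 * 1024  # whole-package cap (assumed value)

@dataclass(frozen=True)
class Verdict:
    ok: bool
    reason: str      # short code suitable for an FDR/QGC security event
    detail: str = ""

def _sha256_exact(path, size):
    """Stream-hash `path`, raising ValueError unless it is exactly `size` bytes."""
    h, seen = hashlib.sha256(), 0
    with open(path, "rb") as f:
        while buf := f.read(1 << 20):
            seen += len(buf)
            if seen > size:   # abort early rather than read an oversized file to the end
                raise ValueError("longer than declared")
            h.update(buf)
    if seen != size:
        raise ValueError("shorter than declared")
    return h.hexdigest()

def verify_cache_package(root, key):
    """Accept the package only if the manifest MAC and every listed file check out."""
    try:
        with open(os.path.join(root, "manifest.json"), "rb") as f:
            raw = f.read(MAX_FILE_BYTES)   # a truncated oversize manifest fails the MAC
        with open(os.path.join(root, "manifest.sig"), "rb") as f:
            sig = f.read().strip()
    except OSError as e:
        return Verdict(False, "CACHE_MANIFEST_MISSING", str(e))
    # MAC first: nothing in an unauthenticated manifest is trusted, not even sizes.
    expected = hmac.new(key, raw, hashlib.sha256).hexdigest().encode("ascii")
    if not hmac.compare_digest(expected, sig):
        return Verdict(False, "CACHE_SIGNATURE_MISMATCH")
    try:
        files = dict(json.loads(raw)["files"])
    except (ValueError, KeyError, TypeError) as e:
        return Verdict(False, "CACHE_MANIFEST_MALFORMED", str(e))
    total = 0  # budget from declared sizes before any listed file is opened (S1)
    for rel, meta in files.items():
        if (not isinstance(meta, dict) or not isinstance(meta.get("size"), int)
                or not isinstance(meta.get("sha256"), str)):
            return Verdict(False, "CACHE_MANIFEST_MALFORMED", str(rel))
        if not 0 <= meta["size"] <= MAX_FILE_BYTES:
            return Verdict(False, "CACHE_FILE_TOO_LARGE", rel)
        total += meta["size"]
    if total > MAX_PACKAGE_BYTES:
        return Verdict(False, "CACHE_PACKAGE_TOO_LARGE", str(total))
    for rel, meta in files.items():
        try:
            digest = _sha256_exact(os.path.join(root, rel), meta["size"])
        except OSError as e:
            return Verdict(False, "CACHE_FILE_UNREADABLE", f"{rel}: {e}")
        except ValueError as e:
            return Verdict(False, "CACHE_FILE_SIZE_MISMATCH", f"{rel}: {e}")
        if not hmac.compare_digest(digest, meta["sha256"]):
            return Verdict(False, "CACHE_FILE_HASH_MISMATCH", rel)
    return Verdict(True, "CACHE_OK", f"{len(files)} files, {total} bytes")

def _write(path, data, mode="wb"):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, mode) as f:
        f.write(data)

def build_package(root, key, contents):
    """Producer side of the same scheme: write constructed files plus a signed manifest."""
    files = {}
    for rel, data in contents.items():
        _write(os.path.join(root, rel), data)
        files[rel] = {"sha256": hashlib.sha256(data).hexdigest(), "size": len(data)}
    raw = json.dumps({"files": files}, sort_keys=True).encode()
    _write(os.path.join(root, "manifest.json"), raw)
    _write(os.path.join(root, "manifest.sig"),
           hmac.new(key, raw, hashlib.sha256).hexdigest().encode("ascii"))

def demo():
    """Verify a good constructed package, then progressively tampered copies; return reasons."""
    key = b"deploy-time-trusted-key"   # constructed placeholder, not a real key
    out = {}
    with tempfile.TemporaryDirectory() as d:
        build_package(d, key, {"tiles/a.bin": bytes(100), "index.json": b'{"v": 1}'})
        out["good"] = verify_cache_package(d, key).reason
        out["wrong_key"] = verify_cache_package(d, b"other-key").reason
        _write(os.path.join(d, "tiles/a.bin"), b"\x01" * 100)  # same length, new content
        out["tampered_file"] = verify_cache_package(d, key).reason
        _write(os.path.join(d, "tiles/a.bin"), b"\x00", "ab")  # now longer than declared
        out["grown_file"] = verify_cache_package(d, key).reason
        _write(os.path.join(d, "manifest.json"), b" ", "ab")   # any manifest edit breaks the MAC
        out["edited_manifest"] = verify_cache_package(d, key).reason
    return out
```

Two design points carry over to the warnings in the table: the verifier never reads a file to completion past its declared size, so an oversized package cannot exhaust memory before the size check fails; and every rejection returns a fixed reason code rather than raising, so the caller can emit it as an FDR/QGC event and fall back to a known-good cache. Where the key comes from (A02) is deliberately left to the caller; an HMAC is a stand-in here for whatever signature scheme the deployment actually uses.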