diff --git a/AGENTS.md b/AGENTS.md new file mode 100644 index 0000000000..40fff32326 --- /dev/null +++ b/AGENTS.md @@ -0,0 +1,17 @@ +# Agent guidance + +This file is read by automated agents (security scanners, code analyzers, +AI assistants) operating on this repository. It points them at the +human-authored references they should consult before producing output. + +## Security + +Security model: [SECURITY.md](./SECURITY.md), which links to the project's +threat model at [draft-THREAT-MODEL.md](./draft-THREAT-MODEL.md). + +Agents that scan this repository should consult `draft-THREAT-MODEL.md` for +the project's in-scope / out-of-scope declarations, adversary model, security +properties, and known non-findings before reporting issues. Apache PLC4X is a +client library for industrial protocols (most of which are unauthenticated / +unencrypted by design); the threat model is about which threats the library +takes on versus which are left to the operator and the OT network. diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000000..558897462d --- /dev/null +++ b/SECURITY.md 
@@ -0,0 +1,20 @@ +# Security Policy + +## Reporting a Vulnerability + +Please report suspected security vulnerabilities in Apache PLC4X privately to +the Apache Security Team at , following the ASF process +at . Do not open public GitHub issues or +pull requests for security reports. + +## Threat Model + +Apache PLC4X's security threat model — what is in and out of scope, the +security properties the project provides and disclaims, the adversary model, +the environmental assumptions, and how findings are triaged — is documented in +[draft-THREAT-MODEL.md](./draft-THREAT-MODEL.md). + +PLC4X speaks industrial protocols (Modbus, S7, OPC-UA, ADS, EtherNet/IP, …), +most of which are unauthenticated and unencrypted by design. The threat model +covers the parser/driver trust boundary (responses from the device/wire) and +draws the line on what is the operator's and the OT network's responsibility.
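Review bot: In the AGENTS.md hunk, both references ("Security model: [SECURITY.md]... which links to the project's threat model at [draft-THREAT-MODEL.md]" and "Agents that scan this repository should consult `draft-THREAT-MODEL.md`") point at a file this patch does not add; confirm `draft-THREAT-MODEL.md` already exists in the tree or lands in the same change, otherwise the only reference an automated agent is told to consult is a dangling link. The `draft-` prefix also bakes the document's status into a link target that appears in both new files, so promoting the draft later means editing AGENTS.md and SECURITY.md in lockstep; consider a filename without the status prefix and state the draft status inside the document instead.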
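Review bot: In the SECURITY.md hunk, the "Reporting a Vulnerability" paragraph reads "privately to the Apache Security Team at , following the ASF process at ." with no address and no URL, so the one paragraph a reporter actually needs gives them nowhere to send a report. Verify that the committed file contains the contact address and the process link, and prefer explicit `[text](url)` link syntax over bare autolinks so they survive every renderer; the same check applies to the wording "Do not open public GitHub issues or pull requests", which only makes sense once the private channel is spelled out.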