Uptane is the first compromise-resilient software update security system for the automotive industry. Beginning in 2018, a working group has begun the process of describing the system's design, implementation, and deployment considerations as a formal standard, working as an IEEE-ISTO industry group. This repository is the public home of that standardization work.
Several documents are already available which describe Uptane's design and implementation:
- Design Overview
- Implementation Specification
- Deployment Considerations
- Reference Implementation and Demonstration Code
The standard is being written in RFC 2629/RFC 7749 format, using markdown as a source. Comments, issues, and pull requests are welcome.
We use GitHub Flow for contributing content. When you are working on a section, make a branch off the current master, and submit a pull request when it's ready to merge. If github reports any merge conflicts in the PR, please rebase until the merge can be done cleanly.
Use clear, informative commit messages, and squash any minor commits that do not represent an actual contribution of content (e.g. typo fixes). It is not necessary to squash all your commits when submitting a PR, but please try to keep the commit history reasonably clean.
Don't use fixed-width columns. The plaintext rendering target will produce a text file with fixed-width columns; using fixed-width columns in the markdown source just makes the diffs harder to read.
We use kramdown-rfc2629 to render the markdown source into xml, and xml2rfc to render the XML into HTML or plaintext. A Makefile is included for convenience. You can also render using Docker if you don't wish to install the tools. See make help for options.
The rendered HTML from the markdown source at master will be available at https://uptane.github.io/uptane-standard/uptane-standard.html. You can update this, if you have commit rights to this repository, by pushing uptane-standard.html to the gh-pages branch.
TODO: Set up CI to auto-push on merge to master.