Update baseline.yaml - NEW - OSPS-DO-18

[SecurityCRob]

added proposal for Threat modeling, attack surface analysis, and/or data-flow analysis as part of process & docs

[evankanderson]

+1 on providing specific examples of how to locate the threat model. I think it's fine to grow more examples over time, but leaving this a blank slate makes it hard for tools and project owners to converge on a small set of solutions rather than balls of markdown.

[david-a-wheeler]

Suggested change

	against critical code paths, functions, and interactions
	with the system.
	against attacks on critical code paths, functions, and interactions
	within the system.

Presumably we don't want to prevent the use of critical code paths :-).

[david-a-wheeler]

Suggested change

	Projects need to conduct threat modeling, attack
	surface analysis, and data-flow analysis in order
	Projects need to conduct threat modeling and attack
	surface analysis in order

Just say threat modeling. Data flow analysis typically follows on as part of threat modeling, but you can do lots of data flow analysis that has nothing to do with security, and there's no need to require it. Just require the threat modeling and I think you're covered.

[david-a-wheeler]

Suggested change

	implementation: |
	Create a status check that checks the project's
	version control system for documented threat
	modeling, attack surface analysis, and data flow analysis.
	implementation: |
	Select a threat modeling approach such as STRIDE, DREAD, PASTA, or VAST, then apply it.
	This will typically involve identifying the scope and purpose of the system,
	identifying its assets (which need protection), examining the architecture for threats,
	determining their likelihood and impact, and selecting mitigation strategies.
	autofill: |
	Create a status check that checks the project's
	version control system for documented threat
	modeling, attack surface analysis, and data flow analysis.