From c07d18baad949ba24702ce8f13ce3dbc30c394eb Mon Sep 17 00:00:00 2001
From: Chidananda Swamy R <chidananda.swamy@ltts.com>
Date: Mon, 16 Mar 2026 15:04:08 +0530
Subject: [PATCH] Clarify security mitigation requirements
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Updated the gd_req__sec_attr_mitigation_issue process requirement to be more precise (tooling‑clear)

Issue: eclipse-score#589

Addition info: eclipse-score#589 (comment)

Signed-off-by: Chidananda Swamy R <chidananda.swamy@ltts.com>
---
 .../guidance/security_analysis_process_reqs.rst                 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/process/process_areas/security_analysis/guidance/security_analysis_process_reqs.rst b/process/process_areas/security_analysis/guidance/security_analysis_process_reqs.rst
index 194dc0c44b..9604482eea 100644
--- a/process/process_areas/security_analysis/guidance/security_analysis_process_reqs.rst
+++ b/process/process_areas/security_analysis/guidance/security_analysis_process_reqs.rst
@@ -83,7 +83,7 @@ Process Security Analysis Attributes
    :satisfies: wf__analyse_sec_platform_featarch, wf__analyse_sec_featarch, wf__analyse_sec_comparch
    :complies:
 
-   If a new mitigation is needed, link to the issue and keep status invalid until mitigation is sufficient.
+   If a new security mitigation (avoid, reduce, or share) is needed, link to the issue and keep status invalid until the mitigation is sufficient.
 
 .. gd_req:: Security Analysis attribute: sufficient
    :id: gd_req__sec_attr_sufficient