Image1
At the image below, I try to visualize the time line according to the description
at the https://developer.trustedfirmware.org/w/collaboration/security_center/reporting/
page.
Image2
Here I try to visualize the flow when a according to the Security Incident Process
when a vulnearbility is already publicly known.
Image3
Here I try to visualize the flow when a according to the Security Incident Process
when it's an ESS issue. (Here the Trusted Stakeholder probably also should
been shown and the arrow to "Patch submitted" should come after "Develop a fix")