docs(threat-model): classify threats by mitigating entity

The generic threat model used to list threats in no particular order.

Reorganize threats so that they are grouped by mitigating entity. For
example, threats mitigated by the boot firmware (i.e. BL1 and BL2) are
now clubbed together, ditto for those mitigated by the runtime EL3
firmware. Note that some generic threats apply to all firmware images
so these get grouped in their own section as well.

The motivations for this refactoring are the following:

 - Clarify the scope of the threats.

   In particular, as the boot firmware is typically transient, threats
   applying to those images can only be exploited during a short
   period of time before the runtime firmware starts.

   A note has been added to this effect.

 - Helping developers implement mitigations in the right place.

 - Some vendors have their own solution for booting their device and
   only leverage the runtime firmware from the TF-A project. Thus,
   they are not interested in the threat model of TF-A's boot
   firmware. Isolating the latter in a specific section helps them
   focus on what is important for them.

To avoid unnecessary churn, the threats ids have been kept the same.

Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: Id8616fd0e4b37cd400b1ad3372beb3455234d4dc