Design documents

• Dual-CPU
  • Booting a Dual-Core System
  • Communication Prototype Between NSPE And SPE In Dual Core System
  • Mailbox Design in TF-M on Dual-core System
  • Memory Access Check of Trusted Firmware-M in Multi-Core Topology
• TF-M Profiles
  • Trusted Firmware-M Profile Large Design
  • Trusted Firmware-M Profile Medium Design
  • Trusted Firmware-M Profile Small Design
• Code sharing between independently linked XIP binaries
  • Motivation
  • Technical challenge
  • Design concept
  • Tools support
  • Memory footprint reduction
  • Useability considerations
  • How to use code sharing?
  • Further improvements
• Fixing implicit casting for C enumeration values
  • Abstract
  • C99 Standard point of view
  • Strategies to fix
  • Design proposal for TF-M
• FF-M Isolation
  • Introduction
  • Reference Implementation
• Hardware Abstraction Layer
  • Introduction
  • Overview
  • Design Principles
  • Source Files
  • Status Codes
  • API Definition for TF-M SPM
  • API Definition for Secure Partitions
• Protected Storage service key management
  • Background
  • Proposal
  • Key derivation
  • Key use
  • Future changes
  • References
• HW crypto key integration in TF-M secure boot
  • Abstract
  • Existing key handling solution
  • Requirements
  • Design proposal
  • Platform support
  • Compile time configurability
  • Tooling
• Rollback protection in TF-M secure boot
  • Anti-rollback protection
  • Elements of software upgrade
  • Validation of new image
  • Manifest format in MCUBoot
  • Security counter
  • Implementation of security counter
  • Trusted non-volatile (NV) counters
  • NV counters and anti-rollback protection
  • Boot flow with anti-rollback protection
  • Tool support
• Secure Enclave solution for Trusted Firmware-M
  • Abstract
  • Introduction
  • Requirements
  • Proposed design
• Secure Partition Manager
  • Introduction
  • Runtime management
  • Practical implementation items
  • Integration and development
  • History
• Trusted Firmware-M Source Structure
  • Introduction
  • Source Structure
• Stateless Root of Trust Services Reference
  • Introduction
  • Implementation Details
  • Application Recommendation
  • Reference
• Symmetric key algorithm based Initial Attestation
  • Introduction
  • Design overview
  • IAT generation in Initial Attestation secure service
  • COSE_Mac0 support in t_cose
  • TF-M Test suite
  • HAL APIs
  • Reference
• Code Generation With Jinja2
  • Generating files from templates in TF-M
  • Custom generator script - Current method
  • Use Jinja2 template engine - proposal
  • Example
• Cooperative Scheduling Rules
  • TF-M Scheduler - Rules
  • Objectives and Requirements
  • Scheduler Rules for context switching between SPE and NSPE
• Crypto Service design
  • Abstract
  • Introduction
  • Components
  • Service API description
  • Configuration parameters
  • References
• Firmware Update Service
  • Introduction of Firmware Update service
  • Components
  • Service API description
  • Shim Layer between FWU and bootloader
  • Additional shared data between BL2 and SPE
  • Image ID structure
  • Benefits Analysis on this Partition
  • Reference
• Add support for block-aligned flash in Internal Trusted Storage
  • Abstract
  • Requirements
  • Current implementation
  • Proposed implementation overview
  • Considerations
  • Functional flow diagram
• Internal Trusted Storage (ITS) Service
  • PSA Internal Trusted Storage
  • Current TF-M Secure Storage
  • New TF-M service
  • Code structure
  • Detailed design considerations
• Log system design document
  • Background
  • Design
  • Log Devices
• Partition and Service Design Document
  • Terminology
  • Design Overview
  • Partition Database
  • Service Database
• Physical attack mitigation in Trusted Firmware-M
  • Requirements
  • Physical attacks
  • Effects of physical attacks in hardware and in software execution
  • Mitigation against physical attacks
  • TF-M Threat Model against physical attacks
  • TF-M countermeasures against physical attacks
  • Reference
• TF-M Inter-Process Communication
  • Terminology
  • Design Overview
  • Implementation Details
  • Reference
• Secure boot
  • Second stage bootloader in TF-M
  • Integration with TF-M
  • Firmware upgrade operation
  • Multiple image boot
  • Signature algorithms
  • Build time configuration
  • Signing the images manually
  • Testing firmware upgrade
  • Integration with Firmware Update service
• Secure Partition Runtime Library
  • Background
  • Design Principal
• Uniform Secure Service Signature
  • Declaring secure service interface
  • Compatibility

---

Copyright (c) 2021, Arm Limited. All rights reserved.