Processing environments
The boards supported by the SDK distinguish entries according to the CPU to target (for multi-core SoCs) and whether Cortex-M Security Extensions (CMSE) are used or not (addition of the */ns
variant if they are used).
When CMSE is used, the firmware is split in accordance with the security by separation architecture principle to better protect sensitive assets and code. With CMSE, the firmware is stored in one of two security environments (flash partitions), either Secure Processing Environment (SPE) or Non-Secure Processing Environment (NSPE). This isolation of firmware is only possible if the underlying hardware supports ARM TrustZone.
In Zephyr and the nRF Connect SDK, SPE and NSPE are used exclusively in the context of the application core of a multi-core SoC. Building follows the security by separation principle and depends on the board target.
Building for cpuapp
(CMSE disabled)
When you build for a board target that uses the cpuapp
CPU cluster, but does not use the */ns
variant, you build the firmware for the application core without CMSE.
Because CMSE is disabled, TF-M is not used and there is no separation of firmware.
Building for */ns
(CMSE enabled)
When you build for a board target that uses the */ns
variant, you build firmware with CMSE.
Firmware is separated in the following way:
SPE implements security-critical functionality and data (including bootloaders) and isolates them from the application software in NSPE. It also contains secure firmware running in the secure state.
NSPE typically implements the user application and communication firmware, among other major components.
The application is built as a non-secure image and Trusted Firmware-M (TF-M) is built as the secure image. The build system merges both images to form a combined image that will be used for programming or updating the device.
TF-M enables hardware-supported separation of firmware. It also implements Platform Security Architecture (PSA) API, which provides security features for the system, including roots of trust for protecting secrets, platform state, and cryptographic keys. The API coordinates the communication with the components in NSPE.
More information about SPE and NSPE
Read the following pages for a better understanding of security by separation in the nRF Connect SDK: