Glossary of terms and abbreviations
- AAPCS
ARM Architecture Procedure Call Standard: The AAPCS defines how subroutines can be separately written, separately compiled, and separately assembled to work together. It describes a contract between a calling routine and a called routine
- Application RoT
PSA term. The security domain in which additional security services are implemented.
- HAL
Hardware Abstraction Layer: Interface to abstract hardware-oriented operations and provides a set of APIs to the upper layers.
- ITS
- Internal Trusted Storage
One of PSA services provided by TF-M.
- MPC
Memory Protection Controller: Bus slave-side security controller for memory regions.
- MPU
Memory Protection Unit: Hardware component providing privilege control.
- NSPE
Non Secure Processing Enviroment: PSA term. In TF-M this means non secure domain typically running an OS using services provided by TF-M.
- PPC
Peripheral Protection Controller: Bus slave-side security controller for peripheral access.
- PS
- Protected Storage
One of PSA services provided by TF-M.
- PSA
PSA term. Platform Security Architecture.
- PSA RoT
PSA term. This defines the most trusted security domain within a PSA system.
- PSA-FF
PSA term. Platform Security Architecture Firmware Framework.
- PSA-FF-M
PSA term. Platform Security Architecture Firmware Framework for M.
- RoT
Root of Trust: PSA term. This is the minimal set of software, hardware and data that is implicitly trusted in the platform — there is no software or hardware at a deeper level that can verify that the Root of Trust is authentic and unmodified.
- RoT Service
PSA term. A set of related security operations that are implemented in a Secure Partition.
- S/NS
Secure/Non-secure: The separation provided by TrustZone hardware components in the system.
- SAU
Secure Attribution Unit: Hardware component providing isolation between Secure, Non-secure Callable and Non-secure addresses.
- SFN
Secure Function: The function entry to a secure service. Multiple SFN per SS are permitted.
- SP
- Secure Partition
A logical container for secure services.
- SPE
Secure Processing Environment: PSA term. In TF-M this means the secure domain protected by TF-M.
- SPM
- Secure Partition Manager
The TF-M component responsible for enumeration, management and isolation of multiple Secure Partitions within the TEE.
- SPRT
Secure Partition Runtime: The TF-M component responsible for Secure Partition runtime functionalities.
- SPRTL
Secure Partition Runtime Library: A library contains the SPRT code and data.
- SS
Secure Service: A component within the TEE that is atomic from a security/trust point of view, i.e. which is viewed as a single entity from a TF-M point of view.
- SVC
SuperVisor Call: ARMv7M assembly instruction to call a privileged handler function
- TBSA-M
Trusted Base System Architecture for M. TBSA term. See Trusted Base System Architecture for M
- TFM
- TF-M
Trusted Firmware-M or Trusted Firmware for M-class. ARM TF-M provides a reference implementation of secure world software for ARMv8-M.
Reference
Copyright (c) 2017-2022, Arm Limited. All rights reserved.