Running applications with Trusted Firmware-M
On nRF5340 and nRF9160, you can use Trusted Firmware-M (TF-M) as an alternative to Secure Partition Manager for running an application from the non-secure area of the memory.
TF-M is the reference implementation of Platform Security Architecture (PSA).
It provides a highly configurable set of software components to create a Trusted Execution Environment. This is achieved by a set of secure run time services such as Secure Storage, Cryptography, Audit Logs, and Attestation. Additionally, secure boot through MCUboot in TF-M ensures integrity of run time software and supports firmware upgrade.
Support for TF-M in nRF Connect SDK is currently experimental. TF-M is a framework which will be extended for new functions and use cases beyond the scope of SPM.
For official documentation, see the TF-M documentation.
The TF-M implementation in nRF Connect SDK is currently demonstrated in the following samples:
TF-M is one of the images that are built as part of a multi-image application. If TF-M is used in the application, SPM will not be included in it. For more information about multi-image builds, see Multi-image builds.
To add TF-M to your build, enable the
CONFIG_BUILD_WITH_TFM configuration option by adding it to your
To build a minimal version of TF-M, you must also enable the
If you use menuconfig to enable
CONFIG_BUILD_WITH_TFM, you must also enable its dependencies.
You must build TF-M using a non-secure build target. The following targets are currently supported:
When building for
nrf9160dk_nrf9160_ns, UART1 must be disabled in the non-secure application, because it is used by the TF-M secure application.
Otherwise, the non-secure application will fail to run.
The recommended way to do this is to copy the .overlay file from the TF-M Hello World sample.
When using the Nordic Security Module, if
CONFIG_BUILD_WITH_TFM is enabled together with
CONFIG_NORDIC_SECURITY_BACKEND, the TF-M secure image will enable the use of the hardware acceleration of Arm CryptoCell.
In such case, the Kconfig configurations in the Nordic Security Backend control the features enabled through TF-M.
You can configure what crypto modules to include in TF-M by using the
TFM_CRYPTO_ Kconfig options found in file
TF-M utilizes hardware unique keys when the PSA Crypto key derivation APIs are used, and
psa_key_derivation_setup is called with the algorithm
The default configuration of TF-M has all supported features enabled, which results in a significant memory footprint. A minimal version of the TF-M secure application is provided in nRF Connect SDK to show how to configure a reduced version of TF-M.
The secure services supported by this minimal version allow for generating random numbers, hashing with SHA-256, and using
This corresponds to the feature set provided by the Secure Partition Manager.
The minimal version of TF-M is enabled by setting the
CONFIG_TFM_MINIMAL is set, the configurability of TF-M is severely limited.
Hence, it is not possible to modify the TF-M minimal configuration to create your own variant of the minimal configuration.
Instead, the default configuration must be used as a starting point.
The procedure for programming an application with TF-M is the same as for other multi-image applications in nRF Connect SDK.
After building the application, a
merged.hex file is created that contains MCUboot, TF-M, and the application.
merged.hex file can be then programmed using SES.
When using the command line, the file is programmed automatically when you call
ninja flash or
TF-M employs two UART interfaces for logging: one for the secure part (MCUboot and TF-M), and one for the non-secure application. The logs arrive on different COM ports on the host PC.
On the nRF5340 DK v1.0.0, you must connect specific wires on the kit to receive secure logs on the host PC. Specifically, wire the pins P0.25 and P0.26 of the P2 connector respectively to RxD and TxD of the P24 connector. See Getting logging output on the Working with nRF5340 DK page for more information.
On the nRF5340 DK v2.0.0, there is one fewer COM port than on v1.0.0, so the secure and non-secure UART peripheral must be wired to the same pins. Specifically, wire the pins P0.25 and P0.26 to P0.20 and P0.22, respectively.