Version 1.3.0

New major features

  • Support stateless RoT Service defined in FF-M 1.1 [1].

  • Support Second-Level Interrupt Handling (SLIH) defined in FF-M 1.1 [1].

  • Add Firmware Update (FWU) secure service, following Platform Security Architecture Firmware Update API [2].

  • Migrate to Mbed TLS v2.25.0.

  • Update MCUboot version to v1.7.2.

  • Add a TF-M generic threat model [3] .

  • Implement Fault Injection Handling library to mitigate physical attacks [4].

  • Add Profile Large [5].

  • Enable code sharing between boot loader and TF-M [6].

  • Support Armv8.1-M Privileged Execute Never (PXN) attribute and Thread reentrancy disabled (TRD) feature.

  • New platforms added. See New platforms supported for details.

  • Add a TF-M security landing page [7].

  • Enhance dual-cpu non-secure mailbox reference implementation.

New security advisories

Invoking secure functions from non-secure handler mode

Refer to Advisory TFMV-2 for more details. The mitigation is included in this release.

New platforms supported

Deprecated platforms

The following platforms have been removed from TF-M code base.

  • SSE-200_AWS

  • AN539

See Platform deprecation and removal for other platforms under deprecation process.

Tested platforms

The following platforms are successfully tested in this release.

  • AN519

  • AN521

  • AN524

  • AN547

  • LPCXpresso55S69

  • MPS2 SSE300

  • Musca-B1

  • Musca-B1 Secure Enclave

  • Musca-S1

  • M2351

  • M2354

  • nrf5340dk

  • nrf9160dk


  • PSoC 64

  • STM32L562E-DK

Known issues

Some open issues exist and will not be fixed in this release.


Issue links

PSA Arch Crypto test suite have several known failures.

See this link for detailed analysis of the failures.

Protected Storage Regression test 4001 is stuck on SSE-300 in isolation
level 2 when PXN is enabled.

IPC Regression test fail when non-secure regression test is enabled and
secure regression test is disabled.

Panic test in PSA Arch IPC test suite generates inconsistent results
between Armclang and GNUARM.

Issues fixed since 1.2.0

Issues fixed by TF-M since v1.2.0 are listed below.


Issue links

Dual-cpu NS mailbox initialization shall be executed after CMSIS-RTOS
RTX kernel initialization

Issues closed since 1.2.0

The following issues are closed since v1.2.0. These issues are related to platform hardware limitations or 3rd-party tools and therefore won’t be fixed by TF-M.


Issue links

psa_verify_rsa() fails when PSA Crypto processes RSASSA-PSS
algorithm in CryptoCell-312.
Mbed TLS implementation of psa_verify_rsa() always passes
MBEDTLS_MD_NONE to mbedtls_rsa_rsassa_pss_verify().
However, CryptoCell-312 doesn’t support MD5 and uses other algorithms
instead. Therefore, Mbed TLS implementation may fail when input
algorithm doesn’t match other parameters.

Regression tests fail with GNU Arm Embedded toolchain version
The support for CMSE feature is broken in version 10-2020-q4-major. The
fix will be available in future release version.
A note is added in Install a toolchain.


Copyright (c) 2021, Arm Limited. All rights reserved.