Processing environments

The boards supported by the SDK distinguish entries according to the CPU to target (for multi-core SoCs) and whether Cortex-M Security Extensions (CMSE) are used or not (addition of _ns if they are used).

When CMSE is used, the firmware is split in accordance with the security by separation architecture principle to better protect sensitive assets and code. With CMSE, the firmware is stored in one of two security environments (flash partitions), either Secure Processing Environment (SPE) or Non-Secure Processing Environment (NSPE). This isolation of firmware is only possible if the underlying hardware supports ARM TrustZone.

Processing environments in the |NCS|

Processing environments in the nRF Connect SDK

In Zephyr and the nRF Connect SDK, SPE and NSPE are used exclusively in the context of the application core of a multi-core SoC. Building follows the security by separation principle and depends on the build target.

Building for cpuapp (CMSE disabled)

When you build for cpuapp, you build the firmware for the application core without CMSE. Because CMSE is disabled, TF-M is not used and there is no separation of firmware.

Building for *_ns (CMSE enabled)

When you build for *_ns, you build firmware with CMSE. Firmware is separated in the following way:

  • SPE implements security-critical functionality and data (including bootloaders) and isolates them from the application software in NSPE. It also contains secure firmware running in the secure state.

  • NSPE typically implements the user application and communication firmware, among other major components.

The application is built as a non-secure image and Trusted Firmware-M (TF-M) is built as the secure image. The build system merges both images to form a combined image that will be used for programming or updating the device.

TF-M enables hardware-supported separation of firmware. It also implements Platform Security Architecture (PSA) API, which provides security features for the system, including roots of trust for protecting secrets, platform state, and cryptographic keys. The API coordinates the communication with the components in NSPE.

More information about SPE and NSPE

Read the following pages for a better understanding of security by separation in the nRF Connect SDK: