Trusted Firmware-M (TF-M) is the reference implementation of Arm Platform Security Architecture (PSA). PSA is a recipe for building secure connected devices from analysis to implementation. PSA consists of three elements - Threat models and Security Analyses, Architecture Specifications and Open Source Reference Implementation (TF-M). See PSA Resource Page

TF-M is being built for Arm Cortex-M processors prioritizing v8-M Cortex cores leveraging Arm TrustZone technology. TF-M is being developed as an Open Source project under an Open Governance Model.

TF-M provides a highly configurable set of software components to create a Trusted Execution Environment. This is achieved by a set of secure run time services such as Secure Storage, Cryptography, Audit Logs and Provisioning. Additionally, secure boot in TF-M ensures integrity of Run time Software and supports firmware upgrade.

Functional Block diagram of Trusted Firmware-M below shows the various components and how it would fit in a v8-M System. Note that many of the components are under active development and continuous evolution. See roadmap for available components and future plan.

TF-M was launched publicly in March 2018 with Secure Boot and Secure Storage Support. OtherTF-M Secure Services are under active development. See roadmap for further details

Timeline History

[Dec 17] Limited release to Early Access Partners

[Mar 18] Open access in Linaro Connect HKG 18

[May 18] Audit Logs Secure Service, More Tests and Documents

[June 18] Secure Storage Service Enhancements

[Sept18] Initial Crypto Secure Service and IPC Implementations

[Dec18] Initial Attestation Service Prototype, Secure Interrupt Prototype

• Videos From BKK'19 Linaro Connect

• TF-M Mailing List

• PSA Developer APIs

• Proof of Concepts

• ELC-E 2018 Presentations

• Linaro Connect, Vancouver (YVR'18) Presentations

• Roadmap

• Introductory Videos

• GIT

• Gerrit

• Design

• Getting Started

• PSA Resources

• TF-M wiki