**Collection of the Governing Board meeting minutes** **28th November 2018** The Trusted Firmware Board met again on Wednesday 28th November 2018. Project Charter changes review (see separate thread) and discussion on the possibility of making it publicly available. Charter will need to be updated, then published to website. Proposal to form a Technical Steering Committee which will be self-organized 4+1 charter changes proposed. Will be voted offline via email. Licensing clarification - does this apply to binary components? Do we approve them individually? Do we need separate repositories? - GDPR compliance (privacy) - No comments - Project budget review, approval & ideas - No questions on the budget - Ideas: - DZ: Sponsored talk/session at Linaro Connect - BF: Additional CI systems - JW: What’s included? - DZ: One or two boards and maintenance ‘within reason’ - MC: Cortex-A migration will be covered by Arm - FVP + one or two Juno boards. DZ to confirm with OCE Systems that this is covered - SV: Will be 1 MPS2 to implement TF-M CI already discussed - JW: Would like to see CI improved further with the budget - JR: A lot of work to do on TF-M : would like to spend it on TF-M engineering. - BM: Atypical to spend on contracting engineering. Agree for CI. - MC: Can propose some platform porting - self-contained activity that doesn’t impact core maintainers. - BM/JR: platform porting is contentious if to a competitor - ML: Maybe a little too early until we decide what the goals are. Usually raise awareness and fill in gaps around infrastructure - MC: What do we think around boards? - JR: Company member’s boards - JW: Google championing other companies boards - would like to see as many as we can supported by the infrastructure. Shouldn’t buy them - companies have an interest. We concentrate on the infrastructure - MC: Board has to be upstream and maintainer has to respond to CI in a given timeframe - Project Status update: TF-M - BM: Work to get test platform working in Qemu? - SV: Hard for Arm to contribute to Qemu. Hence target is MPS2/Musca. Not restricted to using Qemu - ML: Linaro working on v8m in Qemu. Still looking into v7m dual core - JR: Who is working on the dual core changes with Qemu? - ML: Peter Mayhew. v8m mostly done. Significant work for v7m dual core. - SV: Interested to know any areas in the roadmap that can be accelerated by collaboration - Project Status update: TF-A - BM: No secure EL1? - MC: Cannot use SPM at EL1. Have to turn on Secure Payload Dispatcher. Studying with architecture team secure EL0 plus secure OS and how the two worlds can co-exist without 8.4 and secure EL2. Arch team producing specs for how to accommodate multiple EL0. Current focus in H1 2019 is 8.2 and 8.3 story. - BM: In TI considered platform level power mgmt and secure OS as mutually exclusive. How to save off secure world context. secure world has to be restarted and resume context. Don’t think this story really exists - MC: Can check and come back ACTION: Matteo to check with arch team - BM: If don’t give guidance on how the problem is to be solved, then everyone will come up with their own solutions. - MC: Asking all our partners what kind of platform security problems they are facing. e.g. no measured boot part, no interaction with discrete TPM, - Project Contributions Ideas/Plans from members - Postponed until next meeting - Next meeting proposal: Wed 30th Jan - AOB - none **31st October 2018** The Trusted Firmware project held its own first Board meeting on Wednesday 31st October 2018. Representatives from all the six founding members were present and everyone gave a brief overview of its involvement into the project. The Board discussed the possibility of defining metrics for the project success, such as adoption, deliverables, milestones. TF-A and TF-M are likely to start with different tracks and metrics, due to the different maturity level, but the end goal would be to harmonise them. The project outbound licensing terms need to take into account the existing inclusion of code from 3rd party projects that are released with a different license with respect to the one covering Trusted Firmware (BSD 3-Clause). Any new addition of external code from projects that use a license other than the BSD 3-Clause license will need to be fully understood in context and approved by the Board. The Board agreed to have public summary of meeting minutes to be shared on a dedicated wiki section. TF-A and TF-M are currently providing monthly status reports publicly available on the blog. Feedbacks to the board on the usefulness of those are welcome. The formation of a Technical Steering Committee ("TSC") was also discussed and the Board agreed to have one common TSC for both TF-A and TF-M that can have two separate TF-A/TF-M sections during TSC public meetings. Trusted Firmware already has public mailing lists to discuss project technical topics: https://lists.trustedfirmware.org/mailman/listinfo/tsc https://lists.trustedfirmware.org/mailman/listinfo/tf-m https://lists.trustedfirmware.org/mailman/listinfo/tf-a https://lists.trustedfirmware.org/mailman/listinfo/tf-a-tests The Board agreed to reconvene on a monthly basis with the next meeting planned by Wednesday 28th November.

**Collection of the Governing Board meeting minutes** **28th November 2018** The Trusted Firmware Board met again on Wednesday 28th November 2018. Project Charter changes review and discussion on the possibility of making it publicly available. Charter will need to be updated, then published to website. Proposal to form a Technical Steering Committee which will be self-organized 4+1 charter changes proposed. Will be voted offline via email. Licensing clarification - does this apply to binary components? Do we approve them individually? Do we need separate repositories? This will be discussed in the next meeting. Project budget review, approval & ideas: discussed various ideas on investing project budget: sponsored talk/session at Linaro Connect? Additional CI systems? What’s included in the initial scope of work? One or two boards and maintenance ‘within reason’ Cortex-A migration will be covered by Arm - FVP + one or two Juno boards. Overall agreement that CI improvements are a good way to spend the budget. Discussion on the opportunity of spending on engineering effort for accelerating development (especially on TF-M). It's going to be difficult due to the expertise needed. Platform porting can be a self-contained activity that doesn’t impact core maintainers. BUT platform porting is contentious if to a competitor. It should be company members boards. The Board should probably define Project Goals first and then directions from there. Project Contributions Ideas/Plans from members Next meeting proposal: Wed 30th Jan **31st October 2018** The Trusted Firmware project held its own first Board meeting on Wednesday 31st October 2018. Representatives from all the six founding members were present and everyone gave a brief overview of its involvement into the project. The Board discussed the possibility of defining metrics for the project success, such as adoption, deliverables, milestones. TF-A and TF-M are likely to start with different tracks and metrics, due to the different maturity level, but the end goal would be to harmonise them. The project outbound licensing terms need to take into account the existing inclusion of code from 3rd party projects that are released with a different license with respect to the one covering Trusted Firmware (BSD 3-Clause). Any new addition of external code from projects that use a license other than the BSD 3-Clause license will need to be fully understood in context and approved by the Board. The Board agreed to have public summary of meeting minutes to be shared on a dedicated wiki section. TF-A and TF-M are currently providing monthly status reports publicly available on the blog. Feedbacks to the board on the usefulness of those are welcome. The formation of a Technical Steering Committee ("TSC") was also discussed and the Board agreed to have one common TSC for both TF-A and TF-M that can have two separate TF-A/TF-M sections during TSC public meetings. Trusted Firmware already has public mailing lists to discuss project technical topics: https://lists.trustedfirmware.org/mailman/listinfo/tsc https://lists.trustedfirmware.org/mailman/listinfo/tf-m https://lists.trustedfirmware.org/mailman/listinfo/tf-a https://lists.trustedfirmware.org/mailman/listinfo/tf-a-tests The Board agreed to reconvene on a monthly basis with the next meeting planned by Wednesday 28th November.

**Collection of the Governing Board meeting minutes** **28th November 2018** The Trusted Firmware Board met again on Wednesday 28th November 2018. Project Charter changes review (see separate thread) and discussion on the possibility of making it publicly available. Charter will need to be updated, then published to website. Proposal to form a Technical Steering Committee which will be self-organized 4+1 charter changes proposed. Will be voted offline via email. Licensing clarification - does this apply to binary components? Do we approve them individually? Do we need separate repositories? This will be discussed in the next meeting. - GDPR compliance (privacy) - No comments - Project budget review, approval & ideas - No questions on the budget - Ideas: - DZ: Sponsored talk/session at Linaro Connect - BF: Additional CI systems - JW: What’s included? - DZ: One or two boards and maintenance ‘within reason’ - MC: Cortex-A migration will be covered by Arm - FVP + one or two Juno boards.: discussed various ideas on investing project budget: sponsored talk/session at Linaro Connect? DZ to confirm with OCE Systems that this is covered - SV: Will be 1 MPS2 to implement TF-M CI already discussed - JW: Would like to see CI improved further with the budget - JR: A lot of work to do on TF-M : would like to spend it on TF-M engineering. - BM: Atypical to spend on contracting engineering.Additional CI systems? Agree for CI. - MC: Can propose some platform porting - self-contained activity that doesn’t impact core maintainers.What’s included in the initial scope of work? - BM/JR: platform porting is contentious if to a competitor - ML: Maybe a little too early until we decide what the goals are. Usually raise awareness and fill in gaps around infrastructure - MC: What do we think around boards? - JR: Company member’s boards - JW: Google championing other companies boards - would like to see as many as we can supported by the infrastructure. Shouldn’t buy them - companies have an interest. We concentrate on the infrastructureOne or two boards and maintenance ‘within reason’ - MC: Board has toCortex-A migration will be upstream and maintainer has to respond to CI in a given timeframecovered by Arm - FVP + one or two Juno boards. - Project Status update: TF-MOverall agreement that CI improvements are a good way to spend the budget. - BM: Work to get test platform working in Qemu?Discussion on the opportunity of spending on engineering effort for accelerating development (especially on TF-M). It's going to be difficult due to the expertise needed. - SV: Hard for Arm to contribute to QemuPlatform porting can be a self-contained activity that doesn’t impact core maintainers. Hence targetBUT platform porting is MPS2/Muscacontentious if to a competitor. Not restricted to using QemuIt should be company members boards. - ML: Linaro working on v8m in Qemu. Still looking into v7m dual core - JR: Who is working on the dual core changes with Qemu? - ML: Peter Mayhew. v8m mostly done. Significant work for v7m dual core. - SV: Interested to know any areas in the roadmap that can be accelerated by collaboration - Project Status update: TF-A - BM: No secure EL1? - MC: Cannot use SPM at EL1. Have to turn on Secure Payload Dispatcher. Studying with architecture team secure EL0 plus secure OS and how the two worlds can co-exist without 8.4 and secure EL2. Arch team producing specs for how to accommodate multiple EL0. Current focus in H1 2019 is 8.2 and 8.3 story. - BM: In TI considered platform level power mgmt and secure OS as mutually exclusive. How to save off secure world context. secure world has to be restarted and resume context. Don’t think this story really exists - MC: Can check and come back ACTION: Matteo to check with arch team - BM: If don’t give guidance on how the problem is to be solved, then everyone will come up with their own solutions. - MC: Asking all our partners what kind of platform security problems they are facing. e.g. no measured boot part, no interaction with discrete TPM, - Project Contributions Ideas/Plans from members - Postponed until next meeting - Next meeting proposal: Wed 30th Jan - AOB - none The Board should probably define Project Goals first and then directions from there. Project Contributions Ideas/Plans from members Next meeting proposal: Wed 30th Jan **31st October 2018** The Trusted Firmware project held its own first Board meeting on Wednesday 31st October 2018. Representatives from all the six founding members were present and everyone gave a brief overview of its involvement into the project. The Board discussed the possibility of defining metrics for the project success, such as adoption, deliverables, milestones. TF-A and TF-M are likely to start with different tracks and metrics, due to the different maturity level, but the end goal would be to harmonise them. The project outbound licensing terms need to take into account the existing inclusion of code from 3rd party projects that are released with a different license with respect to the one covering Trusted Firmware (BSD 3-Clause). Any new addition of external code from projects that use a license other than the BSD 3-Clause license will need to be fully understood in context and approved by the Board. The Board agreed to have public summary of meeting minutes to be shared on a dedicated wiki section. TF-A and TF-M are currently providing monthly status reports publicly available on the blog. Feedbacks to the board on the usefulness of those are welcome. The formation of a Technical Steering Committee ("TSC") was also discussed and the Board agreed to have one common TSC for both TF-A and TF-M that can have two separate TF-A/TF-M sections during TSC public meetings. Trusted Firmware already has public mailing lists to discuss project technical topics: https://lists.trustedfirmware.org/mailman/listinfo/tsc https://lists.trustedfirmware.org/mailman/listinfo/tf-m https://lists.trustedfirmware.org/mailman/listinfo/tf-a https://lists.trustedfirmware.org/mailman/listinfo/tf-a-tests The Board agreed to reconvene on a monthly basis with the next meeting planned by Wednesday 28th November.