Version 4 vs 5
Version 4 vs 5
Content Changes
Content Changes
TF-M has been under active development since it was launched in Q1'18. It is being designed to include
1. //**Secure boot**// ensuring integrity of runtime images and responsible for firmware upgrade.
2. Runtime firmware consisting of
//** TF-M Core**// responsible for secure isolation, execution and communication aspects. and a set of Secure Services
providing services to the Non-Secure and Secure Applications. The secures services currently planned to be supported are
//**Secure Storage, Cryptography, Audit Logs, Attestation, Provisioning and Platform Services**//
Roadmap below shows when the services are getting supported and then enhanced.
Currently Supported Features
- [[ http://git.trustedfirmware.org/trusted-firmware-m.git/tree/bl2/ext/mcuboot | Secure Boot]]
- [[ http://git.trustedfirmware.org/trusted-firmware-m.git/tree/docs/user_guides/services/tfm_sst_integration_guide.md | Secure Storage]]
- [[ http://git.trustedfirmware.org/trusted-firmware-m.git/tree/docs/user_guides/services/tfm_audit_integration_guide.md | Audit Logs]]
- [[ http://git.trustedfirmware.org/trusted-firmware-m.git/log/?h=feature-ipc | TF-M Core - Inter Process Communication (IPC)]]
- [[ http://git.trustedfirmware.org/trusted-firmware-m.git/tree/interface/include/psa_crypto.h | Crypto Secure Service APIs and PSK-TLS
Support]]
Q4'18 (Oct-Dec'18)
- [TF-M Core] Secure Interrupt Handling
- [TF-M Core] Scheduler Design
- [Attestation] API and Initial Attestation Service with [[ https://tools.ietf.org/html/draft-mandyam-eat-00 | EAT ]] Support
- [Crypto] Define APIs for Hardware Crypto Accelerator
- [Platform] Reset Service
- [Platform] Secure Time
- Option for Secure Services to use IPC for communication
- Open Continuous Integration (CI) System
Q1'19 (Jan-Mar'19)
- [TF-M Core] Secure Partition Manager- Full Isolation Support
- [TF-M Core] Secure Interrupt Handling Enhancements
- [TF-M Core] Scheduler - Initial Implementation
- [Secure Boot] Multiple Image Update
- [Secure Storage] Key Diversification
- [Crypto] TLS with Key exchange
- Secure Debug Investigation
- [Platform] NV Count, Timer
- [Provisioning] Initial Investigation/API Prototype
Q2'19 (Apr-Jun'19)
- [TF-M Core] Scheduler Enhancements
- [Audit Logs] Encryption
- [Secure Boot] Key Revocation
- [Secure Storage] Lifecycle Management
- [Crypto] RNG, KDF - Initial Investigation
- [Audit Logs] Secure Storage, Crypto Binding
- [Platform] GPIO, Debug, NONCE
TF-M has been under active development since it was launched in Q1'18. It is being designed to include
1. //**Secure boot**// ensuring integrity of runtime images and responsible for firmware upgrade.
2. Runtime firmware consisting of
//** TF-M Core**// responsible for secure isolation, execution and communication aspects. and a set of Secure Services
providing services to the Non-Secure and Secure Applications. The secures services currently planned to be supported are
//**Secure Storage, Cryptography, Audit Logs, Attestation, Provisioning and Platform Services**//
Roadmap below shows when the services are getting supported and then enhanced.
Currently Supported Features
- [[ http://git.trustedfirmware.org/trusted-firmware-m.git/tree/bl2/ext/mcuboot | Secure Boot]]
- [[ http://git.trustedfirmware.org/trusted-firmware-m.git/tree/docs/user_guides/services/tfm_sst_integration_guide.md | Secure Storage]]
- [[ http://git.trustedfirmware.org/trusted-firmware-m.git/tree/docs/user_guides/services/tfm_audit_integration_guide.md | Audit Logs]]
- [[ http://git.trustedfirmware.org/trusted-firmware-m.git/log/?h=feature-ipc | TF-M Core - Inter Process Communication (IPC)]]
- [[ http://git.trustedfirmware.org/trusted-firmware-m.git/tree/interface/include/psa_crypto.h | Crypto Secure Service APIs and PSK-TLS
Support]]
Q4'18 (Oct-Dec'18)
- [TF-M Core] Secure Interrupt Handling
- [TF-M Core] Scheduler Design
- [Attestation] API and Initial Attestation Service with [[ https://tools.ietf.org/html/draft-mandyam-eat-00 | EAT ]] Support
- [Crypto] Define APIs for Hardware Crypto Accelerator
- [Platform] Reset Service
- [Platform] Secure Time
- Option for Secure Services to use IPC for communication
- Open Continuous Integration (CI) System
Q1'19 (Jan-Mar'19)
- [TF-M Core] Secure Partition Manager- Full Isolation Support
- [TF-M Core] Secure Interrupt Handling Enhancements
- [TF-M Core] Scheduler - Initial Implementation
- [Secure Boot] Multiple Image Update
- [Secure Storage] Key Diversification
- [Crypto] TLS with Key exchange
- Secure Debug Investigation
- [Platform] NV Count, Timer
- [Provisioning] Initial Investigation/API Prototype
Q2'19 (Apr-Jun'19)
- [TF-M Core] Scheduler Enhancements
- [Audit Logs] Encryption
- [Secure Boot] Key Revocation
- [Secure Storage] Lifecycle Management
- [Crypto] RNG, KDF - Initial Investigation
- [Audit Logs] Secure Storage, Crypto Binding
- [Platform] GPIO, Debug, NONCE
TF-M has been under active development since it was launched in Q1'18. It is being designed to include
1. //**Secure boot**// ensuring integrity of runtime images and responsible for firmware upgrade.
2. Runtime firmware consisting of
//** TF-M Core**// responsible for secure isolation, execution and communication aspects. and a set of Secure Services
providing services to the Non-Secure and Secure Applications. The secures services currently planned to be supported are
//**Secure Storage, Cryptography, Audit Logs, Attestation, Provisioning and Platform Services**//
Roadmap below shows when the services are getting supported and then enhanced.
Currently Supported Features
- [[ http://git.trustedfirmware.org/trusted-firmware-m.git/tree/bl2/ext/mcuboot | Secure Boot]]
- [[ http://git.trustedfirmware.org/trusted-firmware-m.git/tree/docs/user_guides/services/tfm_sst_integration_guide.md | Secure Storage]]
- [[ http://git.trustedfirmware.org/trusted-firmware-m.git/tree/docs/user_guides/services/tfm_audit_integration_guide.md | Audit Logs]]
- [[ http://git.trustedfirmware.org/trusted-firmware-m.git/log/?h=feature-ipc | TF-M Core - Inter Process Communication (IPC)]]
- [[ http://git.trustedfirmware.org/trusted-firmware-m.git/tree/interface/include/psa_crypto.h | Crypto Secure Service APIs and PSK-TLS
Support]]
Q4'18 (Oct-Dec'18)
- [TF-M Core] Secure Interrupt Handling
- [TF-M Core] Scheduler Design
- [Attestation] API and Initial Attestation Service with [[ https://tools.ietf.org/html/draft-mandyam-eat-00 | EAT ]] Support
- [Crypto] Define APIs for Hardware Crypto Accelerator
- [Platform] Reset Service
- [Platform] Secure Time
- Option for Secure Services to use IPC for communication
- Open Continuous Integration (CI) System
Q1'19 (Jan-Mar'19)
- [TF-M Core] Secure Partition Manager- Full Isolation Support
- [TF-M Core] Secure Interrupt Handling Enhancements
- [TF-M Core] Scheduler - Initial Implementation
- [Secure Boot] Multiple Image Update
- [Secure Storage] Key Diversification
- [Crypto] TLS with Key exchange
- Secure Debug Investigation
- [Platform] NV Count, Timer
- [Provisioning] Initial Investigation/API Prototype
Q2'19 (Apr-Jun'19)
- [TF-M Core] Scheduler Enhancements
- [Audit Logs] Encryption
- [Secure Boot] Key Revocation
- [Secure Storage] Lifecycle Management
- [Crypto] RNG, KDF - Initial Investigation
- [Audit Logs] Secure Storage, Crypto Binding
- [Platform] GPIO, Debug, NONCE