**Collection of the Governing Board meeting minutes**
**06th March 2019**
The Trusted Firmware Board met again on Wednesday 6th March 2019.
Members roster is the same as last time with 7 members.
The first topic discussed was the policy for Binary contributions: a simple policy document (not a legal document) has been worked on and will be committed soon as part of the proposed new repository for hosting binary contributions. The current consensus is to have one single repository with potentially separate git submodules for TF-A and TF-M.
An existing permissive binary license may be linked as an example to provide a starting point for contributions.
The policy will cover binaries that are only hosted but not actually used by the Trusted Firwmare project itself. For those, a separate legal discussion might be needed.
Board agrees to hand over to the TSC for deciding the technical details.
The Board then discussed the possibility to sponsor conferences & events throughout the year. Two specific conferences were initailly brought to discussion: OSFC and GP Seminar.
Common consensus is that OSFC2019 is a good opportunity, so the Board will look into reserving a sponsorship slot.
Anyway, in order to have a broader view and decide on the number of annual events to participate and sponsor, it's important to have a full calendar with interesting events and locations. The Board will start creating one and then will have a conversation on which events to sponsor and where.
For Linaro Connect Bangkok, there is a chance of a Trusted Firmware Hackaton session with TF-A and TF-M core maintainers. The Board will look into advertising it.
The Board agreed to fund marketing materials (Stickers and Flyers initially) as a one-off and then monitor the expenses thoughout the year.
The public CI topic was discussed again: current consensus is that Linaro is going to host it, but this is still under discussion and Linaro has to confirm. TF-M and TF-A CI are progressing on different tracks for now, due to different starting points, but the plan is to align them in the long-run. The public CI will also be open to Partners Boards, every new inclusion will be more than welcome (resourcing discussion may be needed).
The Security Incident process was the last topic discussed: currently TF-A has one dedicated process ([[ https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Centre | here ]]), while TF-M has none. There is consensus towards having a single common Security process for both TF-A and TF-M with a single entry point, similarly to what the Kernel project has in place (which distinguish though between security experts mail aliases and disclosure list mail aliases). Partners may want to be included in the process. Action to the TSC to define the technical implications and to propose a process similar to the Linux Kernel one.
Quick project status update for both TF-A and TF-M with no questions.
The Board agreed to organise a F2F meeting in Bagkok during Linaro Connect on Wed3th April.
**30th January 2019**
The Trusted First Board met on 30th January 2019 for the first time in 2019. There are now seven members in trustedfirmware.org
**Five charter changes** accepted by Board has been published in trustedfirmware.org - [[ https://www.trustedfirmware.org/docs/Trusted_Firmware_Charter_v_2019-01-21.pdf | Charter ]]
**Technical Steering Committee (TSC)** - Responsible for oversight of the technical codebase, the release process and liaison with the technical community. Consists of appointed representatives of the members and TSC will be open for anyone to attend. Technical Steering Committee for both TF-A and TF-M will have two separate TFA/TF-M sections during meetings.
Action: All Members to nominate TSC representatives so that the first TSC meeting can be held by mid-February,
**Policy for accepting Binary Files** in Trustedfirmware.org
Binary FIles might have to be hosted on a separate repo. There should be guidelines for contribution, Licensing consideration and possibly charter updates.
Discusion in the meeting around drafted policy material. Want governing board to be final arbiter. Policy Document might just give broad idea. One of the policies might be to allow binary contribution only for platform specific code. If there are more regular requests for binary contribution, can look at providing guidance on license or even enforce a default license.
It should be upto submitter to prove that they meet the guidelines. If there is a default license put in place, TSC should still approve any binary contribution and Board to approve any binary contribution being made without the default license.
Action: Present draft poilicy to Board
**Project Status Update**
Question on whether the Secure Partition Manager in Trusted Firmware-M (TF-M) and Trusted Firmware-A (TF-A) will be aligned,
The implementation won't be the same due to architectural differences between A and M class cores. However, the goals can remain aligned. A single TSC for both TF-A and TF-M is to remain aligned in the technical front.
Initial TF-A CI would just allow patch to be submitted and will get back with a pass/fail. No worse than what is there today. The logs for any failed tests are pasted to the patch submission by Arm team.
Build artifcats not being kept at the moment not to conceal any information. Can follow up with Linaro infra. team
Issue raised that task in phabricator that are referenced in the TF-M mailing list requires github login.
Action: to work with Linaro team to make phabricator tasks viewable without login.
Clarified that Modularization of TF-M services isn't specific to Zephyr
**Project Budget**
Propose to review mission statement in the Charter for objectives.
Could sponsor some activity at an open source event.
For some events maybe members can have flyers on their booths that can be distributed
Money spent on a good brochure for booths would be well spent. This would help attract new members.
For TF-M looking at CI system and what kind of static analysis tools could be used. Proposal on possible tools not firmed up yet.
TF-M and TF-A CI being pushed into Linaro infrastructure. Can ask for infrastructure support for more boards.
General agreement on opening up CI to members
Action: Put a flyer mentionning TF-M and TF-A and stickers for any conference. Linaro can get a quote for printing.
AOB:
Ran out of Trusted Firmware stickers. Linaro can arrange them to be printed again if the Board approves.
Next meeting - 6th of March proposed
Proposal to work with Certification. Lab. as a single organization and give them feedback on their proposals.
Interests from members to focus on different certifications. Need more discussion. If there is enough interest, TSC might liaison with the Labs.
**28th November 2018**
The Trusted Firmware Board met again on Wednesday 28th November 2018.
Project Charter changes review and discussion on the possibility of making it publicly available. Charter will need to be updated, then published to website.
Proposal to form a Technical Steering Committee which will be self-organized
4+1 charter changes proposed. Will be voted offline via email.
Licensing clarification - does this apply to binary components? Do we approve them individually? Do we need separate repositories? This will be discussed in the next meeting.
Project budget review, approval & ideas: discussed various ideas on investing project budget: sponsored talk/session at Linaro Connect? Additional CI systems? What’s included in the initial scope of work?
One or two boards and maintenance ‘within reason’
Cortex-A migration will be covered by Arm - FVP + one or two Juno boards.
Overall agreement that CI improvements are a good way to spend the budget.
Discussion on the opportunity of spending on engineering effort for accelerating development (especially on TF-M). It's going to be difficult due to the expertise needed.
Platform porting can be a self-contained activity that doesn’t impact core maintainers. BUT platform porting is contentious if to a competitor. It should be company members boards.
The Board should probably define Project Goals first and then directions from there.
Project Contributions Ideas/Plans from members: topic to be evaluate from members for next Board meeting.
The Board agrees to reconvene on Wed 30th Jan.
**31st October 2018**
The Trusted Firmware project held its own first Board meeting on Wednesday 31st October 2018.
Representatives from all the six founding members were present and everyone gave a brief overview of its involvement into the project.
The Board discussed the possibility of defining metrics for the project success, such as adoption, deliverables, milestones.
TF-A and TF-M are likely to start with different tracks and metrics, due to the different maturity level, but the end goal would be to harmonise them.
The project outbound licensing terms need to take into account the existing inclusion of code from 3rd party projects that are released with a different license with respect to the one covering Trusted Firmware (BSD 3-Clause).
Any new addition of external code from projects that use a license other than the BSD 3-Clause license will need to be fully understood in context and approved by the Board.
The Board agreed to have public summary of meeting minutes to be shared on a dedicated wiki section.
TF-A and TF-M are currently providing monthly status reports publicly available on the blog. Feedbacks to the board on the usefulness of those are welcome.
The formation of a Technical Steering Committee ("TSC") was also discussed and the Board agreed to have one common TSC for both TF-A and TF-M that can have two separate TF-A/TF-M sections during TSC public meetings.
Trusted Firmware already has public mailing lists to discuss project technical topics:
https://lists.trustedfirmware.org/mailman/listinfo/tsc
https://lists.trustedfirmware.org/mailman/listinfo/tf-m
https://lists.trustedfirmware.org/mailman/listinfo/tf-a
https://lists.trustedfirmware.org/mailman/listinfo/tf-a-tests
The Board agreed to reconvene on a monthly basis with the next meeting planned by Wednesday 28th November.