Roadmap
Updated 47 Days AgoPublic

TF-M has been under active development since it was launched in Q1'18. It is being designed to include

  1. Secure boot ensuring integrity of runtime images and responsible for firmware upgrade.
  2. Runtime firmware consisting of TF-M Core responsible for secure isolation, execution and communication aspects. and a set of Secure Services providing services to the Non-Secure and Secure Applications. The secures services currently planned to be supported are Secure Storage, Cryptography, Audit Logs, Attestation, Provisioning and Platform Services

    Roadmap below shows when the services are getting supported and then enhanced.

Currently Supported Features

CQ3'19

  • Memory Optimization
  • [Storage] Crypto Binding
  • Dual CPU Hardening
  • [Secure Boot] Multiple Image Update
  • [Secure Storage] Support Internal Trusted Storage PSA APIs

CQ4'19

  • Boot and Runtime Crypto Hardware Integration
  • Scheduler - Initial Support
  • PSA API 1.0.0

Future

  • [Secure Storage] Key Diversification Enhancements
  • [Platform] NV Count, Timer
  • [Platform] Secure Time
  • Secure Debug Investigation
  • [Provisioning] Initial Investigation/API Prototype
  • [Secure Boot] Key Revocation
  • [Secure Storage] Lifecycle Management
  • [Crypto] RNG, KDF
  • [Audit Logs] Secure Storage, Policy Manager
  • [Platform] GPIO, Debug, NONCE
  • Secure Debug Prototype
Last Author
shebuk
Projects
None
Subscribers
ademars, DarshpreetSabharwal