Page MenuHomePhabricator

Roadmap
Updated 31 Days AgoPublic

TF-M has been under active development since it was launched in Q1'18. It is being designed to include

  1. Secure boot ensuring integrity of runtime images and responsible for firmware upgrade.
  2. Runtime firmware consisting of TF-M Core responsible for secure isolation, execution and communication aspects. and a set of Secure Services providing services to the Non-Secure and Secure Applications. The secures services currently planned to be supported are Secure Storage, Cryptography, Firmware Update, Audit Logs, Attestation, Provisioning and Platform Services

If you are interested in collaborating on any of the roadmap features or other features, please mail TF-M mailing list

Currently Supported Features

  • PSA Firmware Framework v1.0 and Library Mode.
  • PSA Level1, 2 and 3 Isolation. Level3 Isolation enabled only for MuscaB1, AN521 and STM32L5
  • Secure Boot (mcuboot upstream) including generic fault injection mitigations
  • PSA Protected Storage and Internal Trusted Storage v1.0
  • Audit Logs
  • PSA Crypto (uses Mbed TLS v2.25)
  • PSA Initial Attestation Service v1.0
  • PSA Firmware Update
  • Secure Partition Interrupt Handling, Pre-emption of SPE execution
  • Platform Reset Service
  • Dual CPU
  • Open Continuous Integration (CI) System
  • Boot and Runtime Crypto Hardware Integration
  • Profile Small, Medium, Large
  • Build System Changes to use Modern CMake
  • Fault Injection Handling library to mitigate against physical attacks
  • Threat Model
  • Arm v8.1-M Privileged Execute Never (PXN) attribute and Thread reentrancy disabled (TRD)
  • PSA Firmware Framework v1.1 - Stateless RoT Service and Second-Level Interrupt Handling (SLIH)

CQ2'21

  • PSA Firmware Framework v1.1 - Phase2 (SFN, Interrupt Handling)
  • Multiple Secure Context Design 
  • PSA FWU Service Enhancements
  • Secure Partition Manager (SPM) API Performance Optimization
  • SW Counter Measures Against Physical Attacks – Enhancements
  • FPU Support
  • Arm v8.1-M MVE - Initial Enablement

Future

  • PSA Firmware Framework v1.1 - Phase3
  • Secure Partitions using PSA Firmware Framework v1.1 Static Handle
  • Authenticated Debug
  • Arm v8.1-M Unprevileged Debug
  • Secure Partition HAL Update
  • Scheduler - Multiple Secure Context Implementation
  • Arm v8.1-M Architecture Enablement Phase2
  • [Secure Storage] Key Diversification Enhancements
  • [Platform] NV Count, Timer
  • [Platform] Secure Time
  • [Audit Logs] Secure Storage, Policy Manager
Last Author
shebuk
Last Edited
Apr 13 2021, 2:44 PM

Event Timeline

abhishek-pandit edited the content of this document. (Show Details)
shebuk changed the title from Planning to Roadmap.Jul 25 2018, 8:27 PM
shebuk edited the content of this document. (Show Details)
shebuk changed the visibility from "All Users" to "Public (No Login Required)".Aug 22 2018, 10:27 AM
shebuk edited the content of this document. (Show Details)Oct 2 2018, 11:25 AM
shebuk edited the content of this document. (Show Details)Oct 2 2018, 4:07 PM
shebuk edited the content of this document. (Show Details)
shebuk edited the content of this document. (Show Details)Oct 9 2018, 12:02 PM
shebuk edited the content of this document. (Show Details)Oct 10 2018, 11:14 PM
shebuk edited the content of this document. (Show Details)Feb 5 2019, 2:42 PM
ademars added a subscriber: ademars.Feb 5 2019, 8:45 PM
shebuk edited the content of this document. (Show Details)Mar 15 2019, 3:00 PM
shebuk edited the content of this document. (Show Details)Apr 16 2019, 1:36 PM
shebuk edited the content of this document. (Show Details)Jul 9 2019, 6:23 PM
shebuk edited the content of this document. (Show Details)Oct 4 2019, 12:17 PM
shebuk edited the content of this document. (Show Details)
shebuk edited the content of this document. (Show Details)
shebuk edited the content of this document. (Show Details)Jan 19 2020, 6:15 PM
shebuk edited the content of this document. (Show Details)Apr 1 2020, 7:15 PM
shebuk edited the content of this document. (Show Details)Apr 1 2020, 7:34 PM
shebuk edited the content of this document. (Show Details)Apr 1 2020, 7:37 PM
shebuk edited the content of this document. (Show Details)
shebuk edited the content of this document. (Show Details)Apr 1 2020, 8:02 PM
shebuk edited the content of this document. (Show Details)Aug 1 2020, 7:47 AM
iomint added a subscriber: iomint.Aug 24 2020, 11:33 AM
shebuk edited the content of this document. (Show Details)Oct 12 2020, 5:01 PM
shebuk edited the content of this document. (Show Details)Feb 3 2021, 9:31 AM
shebuk edited the content of this document. (Show Details)Feb 3 2021, 9:45 AM
shebuk edited the content of this document. (Show Details)
shebuk published a new version of this document.
shebuk edited the content of this document. (Show Details)Apr 13 2021, 2:44 PM