Trusted Firmware provides a reference implementation of Secure World software for Armv7-A, Armv8-A and Armv8-M architectures.
It provides SoC developers and OEMs with a reference trusted code base complying with the relevant Arm specifications. This forms the foundations of a Trusted Execution Environment (TEE) on application processors, or the Secure Processing Environment (SPE) on microcontrollers.
The launch process included the announcement of Trusted Firmware-M at Linaro Connect Hong Kong in March 2018 (see the presentation) and the governance change of former Arm Trusted Firmware project for A-class into an open governance project.
Trusted Firmware is designed to reduce porting and integration work across the ecosystem by creating reusable reference implementations for SoCs and Trusted OS developers.
Membership of the Trusted Firmware project is equally open to Linaro members and non-members and the project governance is overseen by a board of member representatives. This board currently consists of Arm, Linaro, Texas Instruments, Google LLC, Cypress Semiconductor, STMicroelectronics, Data I/O.
Check out the project resources:
- Project Charter is available here
- Monthly project updates are available on the project blog section
- Public minutes of the recurring Board meetings are available in the wiki pages
The Trusted Firmware project is provided under a BSD-3-Clause license and contributions are accepted under the term of Developer Certificate of Origin.
Trusted Firmware-A (TF-A) supports Armv7-A and Armv8-A systems, including a Secure Monitor executing at Exception Level 3 (EL3). It implements various Arm interface standards including the Power State Coordination Interface (PSCI), Trusted Board Boot Requirements (TBBR), SMC Calling Convention, and System Control and Management Interface.
Trusted Firmware-M (TF-M) provides a reference implementation of the Arm Platform Security Architecture (PSA) for Arm Cortex-M processors and leverages Arm’s TrustZone technology on Arm v8-M cores. TF-M is being built as a set of highly configurable set of software components suitable for constrained systems. It consists of secure boot and a set of secure runtime services including: Secure Storage, Cryptography, Audit Logs and Provisioning that can be used by Applications.
Check out the latest project news
Check out the past project news