Hi William,
The requirement on the storage is for it to be isolated, either physically or cryptographically, as you can read from the PSA security model [1].
TF-M initially supported only the isolated model in ITS (i.e. for internal flashes) but more recently it was added support for encrypted ITS, which I believe it can be used on one of the Nordic platforms already.
Hope this helps.
Thanks, Antonio
[1] Platform Security Model - PSA Certified https://www.psacertified.org/app/uploads/2021/12/JSADEN014_PSA_Certified_SM_...
Sent from Outlook for Androidhttps://aka.ms/AAb9ysg ________________________________ From: Lee, William via TF-M tf-m@lists.trustedfirmware.org Sent: Friday, December 29, 2023 5:53:50 AM To: tf-m@lists.trustedfirmware.org tf-m@lists.trustedfirmware.org Subject: [TF-M] Are MCUs without internal flash not supported by TF-M?
Hello everyone,
Happy New Year!
Are MCUs without internal flash not supported by TF-M?
From TF-M’s documents, I saw ITS(Internal Trusted Storage) is a PSA-ROT secure service and requires store data in internal flash.
Does that mean TF-M not support hardware platforms that do not have internal flash? For example, RT500 does not have internal flash: https://www.nxp.com/products/processors-and-microcontrollers/arm-microcontro...
Thank you!
Best regards
William Lee