Thanks Antonio,
Thanks for the clarification. I still not sure how ITS support is possible if there is no Internal Flash. I looked at the ITS implementation and it requires Flash (file system etc) where our SoC has OTP for
secure storage. Hope someone will clear this one as well.
BR
Michael
From: Antonio De Angelis <Antonio.DeAngelis@arm.com>
Sent: Tuesday, May 20, 2025 1:07 AM
To: tf-m@lists.trustedfirmware.org
Cc: Michael Khoyilar <mkhoyilar@innophaseiot.com>; nd <nd@arm.com>
Subject: Re: Internal Trusted Storage
|
You don't often get email from
antonio.deangelis@arm.com.
Learn why this is important |
CAUTION:This email originated from outside
of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you suspect that this email may be a phishing attempt, please do not forward it to your colleagues. Instead, report it by forwarding
this email to phishing@innophaseiot.com.
Hi Michael,
TF-M implements the ITS service. That statement is from the original storage design document and was pushed when there was no ITS yet, so it's outdated now. Apologies for the confusion. The level
2 certification should just require a form of secure storage but it does no have to be strictly ITS based. But I'll leave to others to better comment on this.
Thanks,
Antonio
From: Michael Khoyilar via TF-M <tf-m@lists.trustedfirmware.org>
Sent: Monday, May 19, 2025 23:51
To: tf-m@lists.trustedfirmware.org <tf-m@lists.trustedfirmware.org>
Subject: [TF-M] Internal Trusted Storage
Hi team,
Can you help me with this statement that “Currently, the TF-M Secure Storage service implements PSA Protected Storage version 1.0-beta2.
There is not yet an implementation of PSA Internal Trusted Storage in TF-M.”
Our SoC does NOT have internal flash, but we have OTP where we keep the confidential data. Can you help how to handle this ITS situation. I wonder if PSA level-2 certification requires ITS? Thanks
BR
Michael