Hi Sadik,
All the features that are currently appearing on the tfm branch of MCUboot are specific to use cases which can be enabled only in the RSE platform in TF-M, so I don’t anticipate any security issue or particular integration problems with other platforms that would decide to use the vanilla MCUboot code.
Please let us know in case you find otherwise.
Thanks, Antonio
Sent from Outlook for Mac
From: Ozer, Sadik via TF-M tf-m@lists.trustedfirmware.org Date: Wednesday, 5 November 2025 at 14:19 To: Antonio De Angelis via TF-M tf-m@lists.trustedfirmware.org Subject: [TF-M] TF-M with Zephyr port of MCUboot
Hi TF-M team,
In our product, we intend to use the vanilla MCUboot (specifically the Zephyr port) instead of the version bundled with Trusted Firmware-M (TF-M).
Since TF-M is optional for our use case, but MCUboot is a mandatory component, we prefer to decouple the two.
Seems there are some provisioning related items that need to be handled in vanilla MCUboot for this type of usage.
We would like to know if you foresee any security concerns or risks associated with this approach? Is this an expected of a usage?
Any feedback for this type of usage would be appreciated.
Thanks Sadik