Hello everyone,
Happy New Year!
Are MCUs without internal flash not supported by TF-M? From TF-M’s documents, I saw ITS(Internal Trusted Storage) is a PSA-ROT secure service and requires store data in internal flash. Does that mean TF-M not support hardware platforms that do not have internal flash? For example, RT500 does not have internal flash: https://www.nxp.com/products/processors-and-microcontrollers/arm-microcontro...
Thank you!
Best regards William Lee
Hi William,
The requirement on the storage is for it to be isolated, either physically or cryptographically, as you can read from the PSA security model [1].
TF-M initially supported only the isolated model in ITS (i.e. for internal flashes) but more recently it was added support for encrypted ITS, which I believe it can be used on one of the Nordic platforms already.
Hope this helps.
Thanks, Antonio
[1] Platform Security Model - PSA Certified https://www.psacertified.org/app/uploads/2021/12/JSADEN014_PSA_Certified_SM_...
Sent from Outlook for Androidhttps://aka.ms/AAb9ysg ________________________________ From: Lee, William via TF-M tf-m@lists.trustedfirmware.org Sent: Friday, December 29, 2023 5:53:50 AM To: tf-m@lists.trustedfirmware.org tf-m@lists.trustedfirmware.org Subject: [TF-M] Are MCUs without internal flash not supported by TF-M?
Hello everyone,
Happy New Year!
Are MCUs without internal flash not supported by TF-M?
From TF-M’s documents, I saw ITS(Internal Trusted Storage) is a PSA-ROT secure service and requires store data in internal flash.
Does that mean TF-M not support hardware platforms that do not have internal flash? For example, RT500 does not have internal flash: https://www.nxp.com/products/processors-and-microcontrollers/arm-microcontro...
Thank you!
Best regards
William Lee
Hi antonio,
Thanks for those interesting news. Do you know on which Nordic platform supports encrypted ITS with TFM?
Regards
Torsten ________________________________ Von: Antonio De Angelis via TF-M tf-m@lists.trustedfirmware.org Gesendet: Saturday, December 30, 2023 9:31:10 AM An: Lee, William William.Lee@garmin.com; tf-m@lists.trustedfirmware.org tf-m@lists.trustedfirmware.org Betreff: [TF-M] Re: Are MCUs without internal flash not supported by TF-M?
Hi William,
The requirement on the storage is for it to be isolated, either physically or cryptographically, as you can read from the PSA security model [1].
TF-M initially supported only the isolated model in ITS (i.e. for internal flashes) but more recently it was added support for encrypted ITS, which I believe it can be used on one of the Nordic platforms already.
Hope this helps.
Thanks, Antonio
[1] Platform Security Model - PSA Certified https://www.psacertified.org/app/uploads/2021/12/JSADEN014_PSA_Certified_SM_...
Sent from Outlook for Androidhttps://aka.ms/AAb9ysg ________________________________ From: Lee, William via TF-M tf-m@lists.trustedfirmware.org Sent: Friday, December 29, 2023 5:53:50 AM To: tf-m@lists.trustedfirmware.org tf-m@lists.trustedfirmware.org Subject: [TF-M] Are MCUs without internal flash not supported by TF-M?
Hello everyone,
Happy New Year!
Are MCUs without internal flash not supported by TF-M?
From TF-M’s documents, I saw ITS(Internal Trusted Storage) is a PSA-ROT secure service and requires store data in internal flash.
Does that mean TF-M not support hardware platforms that do not have internal flash? For example, RT500 does not have internal flash: https://www.nxp.com/products/processors-and-microcontrollers/arm-microcontro...
Thank you!
Best regards
William Lee
tf-m@lists.trustedfirmware.org
-
Antonio De Angelis -
Labs, Torsten -
Lee, William