Hi,
Here are the minutes from the TSC call last week. Please let me know any additions or corrections.
Best regards
Bill
Attendees
AbhishekP - Arm
DavidB - Linaro
MarkG - TI
VickyJ - Linaro
EricF - ST
BillM - TI
ChristianD -Cypress
JoakimB - Linaro
JuliusW - Google
AshutoshS - Arm Agenda
Pending action items
PSA L2 update for TF-M. Ashutosh Singh (Arm) will be joining to present.
Couple of misc items.
Documentation hosting on ReadTheDocs.
Gerrit hooks to inform specific maintainers of submitted patches.
AOB
Notes
Pending action items
AP: Any specific input on security reporting. Otherwise please raise with Dan on email.
JB: Have a few points but will raise by mail.
AP: By mid-July meeting should try to reach Beta level
AP: Coding guidelines patch
EF: Should hopefully be next week
AP: Static analysis and functional safety - please could everyone think about this. Both TF teams are doing static analysis.
JB: Functional safety came up in BKK19 - MISRA C
AP: TSC Members - some members have not identified.
May need to have invitation-only closed discussions
CD: OP-TEE is going to add an extra row to the matrix of interest
Representative discussion: Proposal generally agreed - 2 reps, expertise partitioned as member company desired. Ideally designated primary and secondary, either but not both can vote.
PSA L2 update for TF-M
AS: For v8m, isolation is through hardware. For dual cpu cortex-m each side has separate interrupts and no leakage of information through interrupts
JB: Not much information in the document 18/19 pages. Interested in 5.6. What is the list of supported crypto expected.
AS: Has not been listed. Should support the crypto currently used in TF-M
DB: Secure storage TBD?
AS: Crypto shouldn’t allow visibility of the key for secure storage. Have to close this. Action item later in slides.
JB: Who is ‘The Lab’ in the slides?
AS: 6-7 around the world. Partners have already gone for level 1 certification. Link here: https://www.psacertified.org/security-certification/test-labs/
EF: Foresee any work on mcuboot?
AS: Have a fork in TF-M. Can’t comment on open source project.
EF: Wondering if TF-M and upstream fork could converge
AP: Could happen. Need to look at what it would take. DavidB discussing with TF-M team.
JB: Any plans to do (external) security audits
AP: Only in early stages. Who would be interested?
JB, DB
AP: Action: AP will contact JB., DB before next TSC about audits
Documentation hosting on ReadTheDocs.
AP: Agreed to do this. Joakim has demonstrated how to do this. Free option?
JB: Works fine.
AP: Any objection from TSC? Otherwise will raise the request to Linaro infrastructure to publish from Gerrit.
JB: Ad free - as low as $5. Commercial support is $50-150/month.
JW: Do we need an external service? Can we just run Sphinx? Since already asking for engineering effort.
DB: Doubt to be able to do it for $5/month
Action Bill to find out about cost of internal Sphinx hosting.
JW: Coreboot is already doing this. (docs.coreboot.org https://doc.coreboot.org/)
DB: Can also look into what Zephyr are doing.
Gerrit hooks to inform specific maintainers of submitted patches.
AP: Just have to update some guidelines
AOB
MG: is there a longer term roadmap for e.g. Level 3?