Attendees:

Dan Handley (Arm)

Ashutosh Singh (Arm)

Lionel Debieve (ST)

Julius Werner (Google)

Andrej Butok (NXP)

David Brown (Linaro)

Joakim Bech (Linaro)

Roman Baker (Cypress)

Mark Grosen (TI)

Abhishek Pandit (Arm)

 

Notes:

 

>Standard HW requirement for TF-M for PSA levels.

LD - Raising the topic based on Eric's email.

AP - As we have limited details possibly better to discuss next time when Eric joins.

May be TF-M tech forum comes up with proposal for TSC to ratify.

 

>Security Incident process update

AS - Logistics in place. Testing public and private keys. Process document on phabricator, about to open it and redirect website to point to it. Sub teams are ready to switch to new process.

AP - Does TSC come under Trusted stakeholder list?

DH - Member company's security teams may register as Trusted Stakeholders but not the TSC as a whole. As explained in the process, after the secondary embargo period but during the public embargo period, the embargoed information may be shared with others in the Trusted Stakeholders' organization. This would be the appropriate time to notify the TSC.

 

>Update on GP test suite.

JB – TF.org has purchased the GlobalPlatform test suite as agreed on a board vote earlier this year. Linaro will track enablement of the GP test suite in LOC-67 (https://projects.linaro.org/browse/LOC-67). End goal is to run both xtest and GP test automatically on every single patch sent to the OP-TEE project.

 

>Website improvement

AP – Offline update from Bill. Cost has been approved by board with a show of hands, and the attached slide contain the details of current status.

 

>Pending item / Coding standard

AP - TF-M coding conventions and industry standards related discussion.

MG - Coding standard should be influenced by industry standards that we want to target.

We should also discuss compiler support.

AP - Currently gcc, armclang and iar are supported. We need inputs from committee members.

LD - Coding convention, is there desire to have fully aligned conventions across projects?

JB - OPTEE follows Kernel

AP - Depends on the spec that we target but otherwise teams can decide.

 

AOB?