Trusted Services 1.3.0

Contents:

  • Introduction
    • Solving Common Security Problems
      • Protecting IoT device identity
      • Protecting Software Updates
      • Secure Logging
    • Project Goals
      • Enhancing Security through Reuse and Testing
  • About the Project
    • Change Log & Release Notes
      • Version v1.3.0
        • Feature Highlights
        • Deprecations
        • Updated external components
        • Breaking changes
        • Resolved issues
        • Known limitations
      • Version v1.2.0
        • Feature Highlights
        • Deprecations
        • Updated external components
        • Breaking changes
        • Resolved issues
        • Known limitations
      • Version v1.1.0
        • Feature Highlights
        • Deprecations
        • Updated external components
        • Breaking changes
        • Resolved issues
        • Known limitations
      • Version 1.0.0
        • Feature Highlights
        • Updated external components
        • Breaking changes
        • Resolved issues
        • Known limitations
      • Version 1.0.0-Beta
        • Feature Highlights
        • Test Report
    • Coding Style & Guidelines
      • Common Rules
      • C Rules
      • CMake Rules
      • Restructured Text Rules
    • Contributing
      • Reporting Security Issues
      • Getting Started
      • Making Changes
      • Submitting Changes
    • Glossary
    • License
    • Maintainers
      • Main maintainers
      • Code owners
    • Versioning policy
      • Format of version IDs
      • Version ID hierarchy
      • Storage and format
    • Version Control
      • Branching Strategy
      • Sandbox branches
      • Topic branches
      • Review vs quality
    • Quality Assurance
      • Verification Strategy
        • Clean Code
        • Runtime Testing
      • Verification methodology
        • Static Checks
        • Build verification
        • Runtime verification
      • Verification Plan
        • Verification during development
        • Verification during code review
        • Guarding “main”
    • Releases
      • Cadence
    • Release procedure
  • Quick Start Guides
    • Build and run PC based tests
      • Before you start
      • Build and run component-test
      • Build and run ts-service-test
      • Build and run psa-api-test
      • More information
    • Build and run tests on OP-TEE reference integration for FVP
      • Before you start
      • Build the Linux application binaries
      • Run ts-service-test
      • Build SPMC tests
      • Run SPMC tests
  • Developer Documents
    • Architecture Overview
      • Service Model
      • Service Deployments
      • Service Access Protocols
    • Supported Architectural Features
      • Branch Protection
        • Pointer Authentication (FEAT_PAUTH)
        • Branch Target Identification (FEAT_BTI)
        • Configuring Branch Protection in the TS build system
    • Project Structure
      • Top-Level Project Organization
        • docs
        • deployments
        • environments
        • platforms
        • components
        • Test components
        • external
        • protocols
        • tools
    • Service Deployment Model
      • Ports and Adapters Architecture
      • Service Deployment Structure
      • Deployment Directory Structure
        • Configuration Definitions
        • Infrastructure Definitions
      • Platform Support
        • Platform Providers
        • Driver Models
        • Drivers
    • Service Access Protocols
      • Trusted Services protocol layers
      • TS RPC implementation
        • Generic concepts
        • ABI
        • Service discovery
        • RPC status code values
        • Example TS RPC call
      • Status Codes
      • Service Access Protocol Definition Conventions
        • Service Namespace
        • Language Independent Protocol Definitions
      • Use of Protocol Buffers
        • .proto File Style Guide
        • Protocol Buffer Library for Trusted Services
      • Serialization Protocol Flexibility
    • Service Locator
      • Service Locator Model
        • Class service_locator
        • Class service_context
        • Class rpc_caller
      • Locating Service Instances
        • Service Names
        • Service Location Strategies
    • Software Requirements
    • Build Instructions
      • Build Flow
      • Selecting the build type
      • Building and Installing
      • Installed build output files
      • Deploying installed files
      • Batch Building
    • Running Tests
      • Running component tests
    • Documentation Build Instructions
      • Prerequisites
      • Example environment
      • Building rendered documentation
      • Configuring the documentation build
    • Writing Documentation
      • Section Headings
      • Inline documentation
        • CMake
    • Build test runner
      • Dependencies
      • Files
      • Design
      • Usage
        • Makefile
        • run.sh
    • OP-TEE SPMC tests
      • Build and run
      • Structure
      • Implementation
      • SPMC test RPC protocol
      • Test cases
  • Services
    • Attestation Service
      • Overview
      • Project Directories
      • Attestation report
      • Design Description
        • Claims Model
      • Provisioning Flows
        • Self-generated IAK
        • Imported IAK
      • Testing the Attestation Service
        • Component-Level Test Suites
        • Service-Level Test Suites
        • Environment Tests
    • Crypto Service
      • Overview
      • Service Provider Implementation
        • Crypto Provider
        • Crypto Serializer
        • Mbed Crypto
        • Secure Storage
        • Entropy Source
    • Firmware Update Service
      • Overview
      • Source Code Location
      • Concepts and Assumptions
        • Update Packaging
        • Transactional Updates
        • Banked Firmware Store
        • Update Agent
        • Firmware Directory
        • Storage Volumes
        • Installers
        • Firmware Locations
      • Design Description
        • Core Components
        • Service Interface
      • Platform Configuration
        • Update Agent Configuration using GPT
      • FWU Command Line Application
      • Testing the Update Agent
      • Reference Integration Test Environment
      • UEFI disk image creation instructions
        • Disk Image Descriptions
      • Firmware update on A+M systems
        • Concept
        • Standards and specifications
        • Update agent implementation
        • Image directory
    • Secure Storage Service
      • Overview
      • Service Access Protocol
      • PSA Storage Classes
        • Internal Trusted Storage
        • Protected Storage
      • PSA Storage C API
      • Storage Frontend and Backend Separation
      • Storage Frontend and Backend Responsibilities
      • Storage Factory
      • Storage Frontend/Backend Combinations
        • Persistent Key Store for Crypto Service Provider
        • Proxy for OP-TEE Provided Storage
    • Block Storage Service
      • Overview
      • Project Directories
      • Design Description
        • Block Store
      • Service Interface
      • Block Store Client
      • Block Store Devices
      • Stacked Block Stores
        • Partitioned Block Store
        • Encrypted Block Store
    • UEFI SMM Services
      • SMM Variable Service
        • Overview
        • Supported Functions
        • Supported Variable Attributes
        • Limitations
        • Variable authentication
        • SMM Variable Tests
      • SMM Gateway Build Configuration
      • MM Communicate RPC Layer
    • Logging Service
      • Supported Logging backends
        • UART backend
      • Testing the Logging Service
        • Environment Tests
    • TPM 2.0 service
      • Overview
      • TPM CRB over FF-A RPC endpoint
      • TPM CRB provider
      • TPM backend
      • Limitations
  • Environments
    • Secure Partitions
      • Firmware Framework for Armv8-A
      • S-EL0 Secure Partitions under OP-TEE
        • Running user-space programs on FVP
        • Deploying trusted services in S-EL0 Secure Partitions under OP-TEE
      • S-EL1 Secure Partitions under Hafnium
      • libsp
        • SP layer
        • FF-A layer
        • FF-A internal API
  • Security
    • Security Model
    • Generic Threat Model
      • Target evaluation
      • Data flow diagram
      • Trust boundaries
      • Assets
      • Attackers and threat agents
      • Threat Priority
      • Threat Types
    • Threat Assessment
      • PSA Storage SPs
        • Scope of evaluation
        • Assessment Results
      • PSA Crypto SP
        • Scope of evaluation
        • Assessment Results
      • SmmGW SP
        • Scope of evaluation
        • Assessment Results
      • PSA Attestation SP
        • Scope of evaluation
        • Assessment Results
      • Block Storage SP
        • Scope of evaluation
        • Assessment Results
  • Deployments
    • Secure Partition Images
      • crypto
      • attestation
      • internal-trusted-storage & protected-storage
      • se-proxy
      • smm-gateway
      • ftpm
      • env-test
    • Test Executables
      • component-test
      • ts-service-test
      • uefi-test
      • psa-api-test
      • ts-remote-test
    • Libraries
      • libts
      • libpsats
        • Build and integration examples
        • Initialization
        • Known issues and Limitations
      • libsp
        • Known issues and Limitations
    • Tools & Demo Applications
      • platform-inspect
      • ts-demo
  • Platform Certification
    • PSA Certified
      • PSA Goals
      • Conformance Test Support
    • SystemReady
  • Target Platforms
    • Reference platforms
      • AEM FVP
    • Active Platforms
      • Corstone-1000
      • RD-1 AE
      • Arm Zena CSS (RD-Aspen)

Index

A

  • ACLE

C

  • C identifier like string

F

  • FF-A

L

  • LCS
  • Logical SP

N

  • Normal World
  • NWd

P

  • Physical SP
  • PSA

S

  • Secure Enclave
  • Secure Partition
  • Secure Partition Manager
  • Secure Partition Manager Core
  • Secure Partition Manager Dispatcher
  • Secure Processing Environment
  • Secure World
  • SP
  • SPE
  • SPM
  • SPMC
  • SPMD
  • SWd

T

  • TEE
  • TF-A
  • TrustZone
  • TS