Trusted Services
stable
Contents:
Introduction
Solving Common Security Problems
Protecting IoT device identity
Protecting Software Updates
Secure Logging
Project Goals
Enhancing Security through Reuse and Testing
About the Project
Change Log & Release Notes
Version 1.0.0
Feature Highlights
Updated external components
Breaking changes
Resolved issues
Known limitations
Version 1.0.0-Beta
Feature Highlights
Test Report
Coding Style & Guidelines
Common Rules
C Rules
CMake Rules
Restructured Text Rules
Contributing
Reporting Security Issues
Getting Started
Making Changes
Submitting Changes
Glossary
License
Maintainers
Main maintainers
Code owners
Versioning policy
Format of version IDs
Version ID hierarchy
Storage and format
Version Control
Branching Strategy
Sandbox branches
Topic branches
Review vs quality
Quality Assurance
Verification Strategy
Clean Code
Runtime Testing
Verification methodology
Static Checks
Build verification
Runtime verification
Verification Plan
Verification during development
Verification during code review
Guarding “main”
Releases
Cadence
Release procedure
Quick Start Guides
Build and run PC based tests
Before you start
Build and run
component-test
Build and run
ts-service-test
Build and run
psa-api-test
More information
Build and run tests on OP-TEE reference integration for FVP
Before you start
Build the linux application binaries
Run
ts-service-test
Developer Documents
Architecture Overview
Service Model
Service Deployments
Service Access Protocols
Project Structure
Top-Level Project Organization
docs
deployments
environments
platforms
components
Test components
external
protocols
tools
Service Deployment Model
Ports and Adapters Architecture
Service Deployment Structure
Deployment Directory Structure
Configuration Definitions
Infrastructure Definitions
Platform Support
Platform Providers
Driver Models
Drivers
Service Access Protocols
Trusted Services protocol layers
TS RPC implementation
Generic concepts
ABI
Service discovery
RPC status code values
Example TS RPC call
Status Codes
Service Access Protocol Definition Conventions
Service Namespace
Language Independent Protocol Definitions
Use of Protocol Buffers
.proto File Style Guide
Protocol Buffer Library for Trusted Services
Serialization Protocol Flexibility
Service Locator
Service Locator Model
Class service_locator
Class service_context
Class rpc_caller
Locating Service Instances
Service Names
Service Location Strategies
Software Requirements
Build Instructions
Build Flow
Selecting the build type
Building and Installing
Installed build output files
Deploying installed files
Batch Building
Running Tests
Running component tests
Documentation Build Instructions
Prerequisites
Example environment
Building rendered documentation
Writing Documentation
Section Headings
Inline documentation
CMake
Build test runner
Dependencies
Files
Design
Usage
Makefile
run.sh
Services
Attestation Service
Overview
Project Directories
Attestation report
Design Description
Claims Model
Provisioning Flows
Self-generated IAK
Imported IAK
Testing the Attestation Service
Component-Level Test Suites
Service-Level Test Suites
Environment Tests
Crypto Service
Overview
Service Provider Implementation
Crypto Provider
Crypto Serializer
Mbed Crypto
Secure Storage
Entropy Source
Firmware Update Service
Overview
Source Code Location
Concepts and Assumptions
Update Packaging
Transactional Updates
Banked Firmware Store
Update Agent
Firmware Directory
Storage Volumes
Installers
Firmware Locations
Design Description
Core Components
Service Interface
Platform Configuration
Update Agent Configuration using GPT
FWU Command Line Application
Testing the Update Agent
Reference Integration Test Environment
UEFI disk image creation instructions
Disk Image Descriptions
Secure Storage Service
Overview
Service Access Protocol
PSA Storage Classes
Internal Trusted Storage
Protected Storage
PSA Storage C API
Storage Frontend and Backend Separation
Storage Frontend and Backend Responsibilities
Storage Factory
Storage Frontend/Backend Combinations
Persistent Key Store for Crypto Service Provider
Proxy for OP-TEE Provided Storage
Block Storage Service
Overview
Project Directories
Service Interface
Service Provider Configuration
Storage Partition Configuration
Design Description
Block Store
UEFI SMM Services
SMM Variable Service
Overview
Supported Functions
Supported Variable Attributes
SMM Variable Tests
SMM Gateway Build Configuration
MM Communicate RPC Layer
Environments
Secure Partitions
Firmware Framework for Armv8-A
S-EL0 Secure Partitions under OP-TEE
Running user-space programs on FVP
Deploying trusted services in S-EL0 Secure Partitions under OP-TEE
S-EL1 Secure Partitions under Hafnium
libsp
SP layer
FF-A layer
FF-A internal API
Security Model
Security Model
Generic Threat Model
Target evaluation
Data flow diagram
Trust boundaries
Assets
Attackers and threat agents
Threat Priority
Threat Types
Deployments
Secure Partition Images
crypto
attestation
internal-trusted-storage & protected-storage
se-proxy
smm-gateway
env-test
Test Executables
component-test
ts-service-test
uefi-test
psa-api-test
ts-remote-test
Libraries
libts
libsp
Tools & Demo Applications
platform-inspect
ts-demo
Platform Certification
PSA Certified
PSA Goals
Conformance Test Support
SystemReady
Target Platforms
Reference platforms
AEM FVP