Trusted Firmware-M: v1.4.0 Release
Trusted Firmware-M (TF-M) v1.4.0 was released on 04 th August 2021. The release includes integration of Mbed TLS3.0.0, implementation of features in PSA Firmware Framework-M v1.1 and improved documentation since the last release v1.3.0. This release was tested using the Trustedfirmware projects’ Open Continuous Integration (CI) System.
Highlights of the TF-M v1.4.0
While there have been around 250 commits in TF-M master branch since TF-Mv1.3.0, here are some of the highlights included in TF-Mv1.4.0.
Mbed TLS3.0.0: PSA Crypto service is updated to Mbed TLS3.0. Mbed TLS3.0.0 was a major release with numerous changes and support for new PSA Crypto APIs one-shot cipher functions, psa_cipher_encrypt and psa_cipher_decrypt, according to the PSA Crypto API 1.0.0 specification.
Firmware Framework for M v1.1 initial set of changes to align with the v1.1 was included in TF-Mv1.3. Further enhancements to static handle, stateless service, and initial implementation of first level interrupt handling are included. Further changes to fully align with the Specification will continue.
There has been continuous improvement in TF-M documentation over the past few releases. There has been extensive clean up and restructuring of the documentation structure in this release for improved navigation and readability. An updated guide on porting to new hardware is also available.
Squad dashboard to track TF-M metrics. As of now, the dashboard shows the TF-M’s memory footprint measurements.
Laird Connectivity BL5340 DVK is the newly added platform. This adds to already supported platforms - NUCLEO-L552ZE-Q, STM32L562E-DK, LPCXpresso55S69, PSoC(R) 64, nRF5340 DK, nRF5340 PDK, M2354, M2351 and Cortex-M55 plus Ethos-U55 Corstone-300 AN547 FPGA. Enhancements and fixes have been made to some of these platform ports.
PSA Firmware Update API defines a standard set of firmware update interfaces that can be used by update applications and cloud connector clients. In this tag, Trusted Firmware-M has implemented these interfaces as a new runtime Secure Service in TF-Mv1.3. Further enhancements have been made to support image update with dependencies.
MCUboot enhancements has been included by integrating latest tag ‘TF-Mv1.4-integ’
More details can be found here. Since TF-Mv1.3.0 release, FreeRTOS OTA and TF-M integration is available in otal_pal_psa in Amazon FreeRTOS github. A pull request has also been raised showcasing integration of Azure RTOS and TF-M on Arm MPS3 AN534 platform.