Trusted Firmware Logo

Trusted Firmware at the Open Source Firmware Conference (OSFC) - Erlangen, 12-15 Sep 2018

logo
Matteo Carlini| Tuesday, September 18, 2018|3 min read

The Trusted Firmware-A team attended last week the first Open Source Firmware Conference (OSFC) in Erlangen, Germany.

Hosted by Siemens, 9 Elements and FAU, this was the very first conference all around open firmware, bringing together software companies, big data centre providers, industry players and software enthusiasts to talk about hot topics and latest trends in the firmware space.

The conference was sponsored by Arm, Facebook, Google, Intel, OpenSUSE, Secunet and Siemens, and it featured the presence of all the major open source firmware projects: Coreboot, LinuxBoot, Tianocore EDK2, Petitboot, U-Boot, HardenedLinux, OpenBMC and obviously Trusted Firmware.

Sandrine Bailleux from Arm gave an overview of Trusted Firmware-A and the trustedfirmware.org project (1) and then she presented in detail the new Secure Partition architecture that is currently under active development (see also (2)(3)).

The primary goal of this architecture is to provide software isolation and unprivileged execution environments under the control of the privileged (EL3) firmware to instantiate PI Standalone Management Mode (4) in the Secure world, in order to execute Management Mode services like RAS, Secure Variable access, Secure Firmware update.

Moreover, as the Arm architecture moves forward, embracing needs from different market segments, so does the reference software implementation provided by Trusted Firmware.

Therefore, as the Armv8.4 architecture introduces the Secure EL2 extension, adding support for virtualization in the Secure world, the natural evolution of the Secure Partition software architecture will also enable a scenario in which multiple mutually-mistrusting Secure EL1 software components (Trusted OSs, specific platform firmware and so on), coming from different vendors, will all coexist in the Secure world leveraging full isolation of address spaces, standard APIs to communicate with the underlying Secure EL2 software, and with the additional possibility of being audited separately from each other (5).

Sandrine’s talk was well received, and it raised lot of interest around this enablement. It was also immediately followed by another Trusted Firmware presentation from Julius Werner, Google, in which he described their Coreboot - Trusted Firmware-A solution deployed on Chromebooks.

The Arm team had also other follow ups with various industry players around interesting topics like Secure Firmware update, firmware testing and validation, firmware documentation (the Trusted Firmware one was praised to be particularly well done!), firmware complexity and an increasing need for limiting it in the privileged firmware space to reduce the potential attack surface.

In conclusion, a well-attended conference where all firmware enthusiasts could share their ideas and projects for expanding and nurturing even more an already well-established open source firmware ecosystem!

References:

  1. https://www.osfc.io/2018/talks/secure-partitions-in-arm-trusted-firmware-a/

  2. https://connect.linaro.org/resources/hkg18/hkg18-104/

  3. https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/docs/components/secure-partition-manager.rst

  4. https://uefi.org/sites/default/files/resources/PI_Spec_1_6.pdf

  5. https://developer.arm.com/-/media/Files/pdf/Isolation_using_virtualization_in_the_Secure_World_Whitepaper.pdf 2

Recent Posts

post image
Trusted Firmware-A LTS v2.10.2 released!

Tuesday, February 20, 2024

Building on the 1st TF-A LTS in 2023, Trusted Firmware-A is pleased to announce the release of the second major LTS version- LTS v2.10 \[1], its first valid tag being lts-v2.10.2. The LTS is branched out of TF-A 2.10, the second 2023 TF-A Release \[Nov’2023]

post image
Trusted Firmware OP TEE Release 4.1.0

Thursday, January 18, 2024

Trusted Firmware OP TEE: v4.1.0 Release

post image
Trusted Firmware-A v2.10 released!

Saturday, December 9, 2023

Introduction Trusted Firmware-A has come a long way since its first commit in 2013, ten years and counting! Co-incidentally, the latest official TF-A Release increments to the same number - v2.10.

post image
Trusted Firmware-M v2.0.0 Released!

Tuesday, November 28, 2023

TF-M: 2.0.0: Smaller footprint Trusted Firmware-M

post image
MISRA Compliance Jumpstart

Monday, October 30, 2023

White Paper: Jumpstarting MISRA compliance via the integration of static analysis into Open Source CI systems: best practices and key elements from TrustedFirmware.org