Docs: Add TF-M roadmap
Transfer TF-M roadmap from the Phabricator to the project documentation.
The Phabricator is to be shut down, being out of support.
Signed-off-by: Anton Komlev <anton.komlev@arm.com>
Change-Id: I43545445f6bc09ece62dd86ec8ce09584c2e9b06
diff --git a/docs/roadmap.rst b/docs/roadmap.rst
new file mode 100644
index 0000000..c94b881
--- /dev/null
+++ b/docs/roadmap.rst
@@ -0,0 +1,74 @@
+#######
+Roadmap
+#######
+
+TF-M has been under active development since it was launched in Q1'18. It is
+being designed to include
+
+1. Secure boot ensuring integrity of runtime images and responsible for firmware upgrade.
+2. Runtime firmware consisting of TF-M Core responsible for secure isolation,
+ execution and communication aspects. and a set of Secure Services providing
+ services to the Non-Secure and Secure Applications. The secures services
+ currently supported are Secure Storage, Cryptography, Firmware Update,
+ Attestation and Platform Services
+
+If you are interested in collaborating on any of the roadmap features or other
+features, please mail TF-M mailing list
+
+******************
+Supported Features
+******************
+- PSA Firmware Framework v1.0, 1.1 Extension including IPC and SFN modes.
+- PSA Level1, 2 and 3 Isolation.
+- Secure Boot (mcuboot upstream) including generic fault injection mitigations
+- PSA Protected Storage, Internal Trusted Storage v1.0 and Encrypted ITS
+- PSA Cryptov1.0 (uses Mbed TLS v3.4.0)
+- PSA Initial Attestation Service v1.0
+- PSA Firmware Update v1.0
+- PSA ADAC Specification Implementation
+- Base Config
+- kconfig based configuration
+- Profile Small, Medium, ARoT-less Medium, Large
+- Secure Partition Interrupt Handling, Pre-emption of SPE execution
+- Platform Reset Service
+- Dual CPU
+- Open Continuous Integration (CI) System
+- Boot and Runtime Crypto Hardware Integration
+- Fault Injection Handling library to mitigate against physical attacks
+- Threat Model
+- Arm v8.1-M Privileged Execute Never (PXN) attribute and Thread reentrancy disabled (TRD)
+- FPU, MVE Support
+- CC-312 PSA Cryptoprocessor Driver Interface
+
+******
+CQ4'23
+******
+- TF-M v2.0.0 release
+- Mbed TLS 3.5.0, mcuboot 2.0.0 Integration
+- Design, prototype: Supporting multiple clients i.e. TF-M supporting multiple on
+ core and off core clients on heterogeneous (e.g. Cortex-A + Cortex-M platforms)
+- Demonstrating TLS in Non-Secure using PSA Crypto APIs in TF-M
+- Build System Enhancements - Separate Secure, Non-Secure Builds
+- Mailbox interrupt handling
+
+******
+Future
+******
+- Long Term Stable (LTS) support
+- Implement support for multiple clients
+- Remote Test Infrastructure
+- MISRA testing
+- TF-M Performance - Further Benchmarking and Optimization
+- Scheduler - Multiple Secure Context Implementation
+- Arm v8.1-M Architecture Enablement - PAC/BTI
+- PSA FWU Service Enhancements
+- PSA ADAC Spec - Enhancements and Testing
+- Arm v8.1-M Unprevileged Debug
+- [Secure Storage] Extended PSA APIs, Key Diversification Enhancements
+- [Audit Logs] Secure Storage, Policy Manager
+- PSA FF Lifecycle API
+- Fuzz Testing
+
+--------------
+
+*Copyright (c) 2017-2023, Arm Limited. All rights reserved.*