Merge topics/block_storage into integration
This merge adds the following changes:
- Block Storage service. This service allows shared access to storage
media for SWd components.
- Change deployment structure to support more fine grained
configuration. Refactor deployments targeting the SWd to follow
the new structure. This is a braking change, all integration systems
will need follow-up changes.
For more details please refer to the documentation.
Change-Id: Ic29b901cb5d546544ffe3ff53516b23aae884217
Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
diff --git a/.checkpatch b/.checkpatch
new file mode 100644
index 0000000..70887c3
--- /dev/null
+++ b/.checkpatch
@@ -0,0 +1,16 @@
+# Copyright (c) 2021-2022, Arm Limited and contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+# Checkpatch configuration for Trusted Services.
+
+--showfile
+# Please set CODESPELL_FILE in the environment.
+--codespellfile="$CODESPELL_FILE"
+--codespell
+--ignore SPDX_LICENSE_TAG,PREFER_KERNEL_TYPES,USLEEP_RANGE,GERRIT_CHANGE_ID,FILE_PATH_CHANGES
+--no-tree
+--terse
+--strict
+--max-line-length=100
diff --git a/.cppcheck b/.cppcheck
new file mode 100644
index 0000000..ab5af7d
--- /dev/null
+++ b/.cppcheck
@@ -0,0 +1,22 @@
+
+#-------------------------------------------------------------------------------
+# Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+# cppcheck options to check the whole repo. This is a limited approach as
+# deployment specific settings can not be used (include paths, macro definitions
+# platform, etc...).
+# use this file as:
+# cppcheck $(sed "s/#.*//g" ".cppcheck") .
+--enable=all --suppress=missingInclude -q --std=c99
+--platform=unix64
+# Output in checkpatch compatible format.
+--template={file}:{line}:{severity}:{id},{message}
+-I components/common/utils/include
+-I components/messaging/ffa/libsp/include
+-I components/rpc/common/interface
+-I components/service/locator/interface
+-I components/messaging/ffa/libsp/include
+-I components/common/utils/include
diff --git a/docs/_static/css/custom.css b/docs/_static/css/custom.css
index 93747c8..9377480 100644
--- a/docs/_static/css/custom.css
+++ b/docs/_static/css/custom.css
@@ -1,5 +1,5 @@
/*-----------------------------------------------------------------------------
-# Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -83,3 +83,19 @@
font-size: 6rem;
color: #343131;
}
+
+/* override table width restrictions */
+.wy-table-responsive table td, .wy-table-responsive table th {
+ white-space: normal;
+}
+
+.wy-table-responsive {
+ margin-bottom: 24px;
+ max-width: 100;
+ overflow: visible;
+}
+
+wy-table-bordered-all, .rst-content table.docutils {
+ max-width: 100%;
+ min-width: 100%;
+}
\ No newline at end of file
diff --git a/docs/_static/images/tfm-contribution.png b/docs/_static/images/tfm-contribution.png
new file mode 100644
index 0000000..9fa52f9
--- /dev/null
+++ b/docs/_static/images/tfm-contribution.png
Binary files differ
diff --git a/docs/_static/images/tfm-documentation.png b/docs/_static/images/tfm-documentation.png
new file mode 100644
index 0000000..925c52e
--- /dev/null
+++ b/docs/_static/images/tfm-documentation.png
Binary files differ
diff --git a/docs/_static/images/tfm-integration.png b/docs/_static/images/tfm-integration.png
new file mode 100644
index 0000000..a25f512
--- /dev/null
+++ b/docs/_static/images/tfm-integration.png
Binary files differ
diff --git a/docs/_static/images/tfm-introduction.png b/docs/_static/images/tfm-introduction.png
new file mode 100644
index 0000000..73998eb
--- /dev/null
+++ b/docs/_static/images/tfm-introduction.png
Binary files differ
diff --git a/docs/_static/images/tfm-platform.png b/docs/_static/images/tfm-platform.png
new file mode 100644
index 0000000..5a5fa5f
--- /dev/null
+++ b/docs/_static/images/tfm-platform.png
Binary files differ
diff --git a/docs/_static/images/tfm-reference.png b/docs/_static/images/tfm-reference.png
new file mode 100644
index 0000000..b53eaa4
--- /dev/null
+++ b/docs/_static/images/tfm-reference.png
Binary files differ
diff --git a/docs/_static/images/tfm-release.png b/docs/_static/images/tfm-release.png
new file mode 100644
index 0000000..056bfac
--- /dev/null
+++ b/docs/_static/images/tfm-release.png
Binary files differ
diff --git a/docs/certification/index.rst b/docs/certification/index.rst
new file mode 100644
index 0000000..58f8f1f
--- /dev/null
+++ b/docs/certification/index.rst
@@ -0,0 +1,27 @@
+Platform Certification
+======================
+Various certification programmes exist to help platform vendors produce hardware
+and firmware that meets defined requirements for security and feature compatibility.
+By conforming to a set of testable criteria, platform vendors can make assurances to
+customers about the capabilities and security of their products.
+
+The Trusted Services project is an upstream source for service related components
+that can be integrated into platform firmware. Many of these components are important
+building blocks for meeting certification requirements. Reuse of components by
+downstream platform integration projects will help drive quality and security
+improvements, especially in areas covered by relevant certification programmes.
+
+Currently, the following certification programmes have been adopted by downstream
+platform integration projects:
+
+.. toctree::
+ :maxdepth: 1
+
+ psa-certified
+ system-ready
+
+--------------
+
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/certification/psa-certified.rst b/docs/certification/psa-certified.rst
new file mode 100644
index 0000000..b1bce4c
--- /dev/null
+++ b/docs/certification/psa-certified.rst
@@ -0,0 +1,77 @@
+PSA Certified
+=============
+PSA Certified provides a framework for securing connected devices. Certification demonstrates
+that security best practices have been implemented, based on an independent security assessment.
+For more information, see: `PSA Certified`_.
+
+PSA Certified defines ten security goals that form the foundation for device security. The
+certification process involves an assessment that these security goals have been met. The
+Trusted Services project includes service provider components and reference integrations
+that a system integrator may use as the basis for creating a platform that meets these goals.
+
+PSA Goals
+---------
+The following table lists the ten security goals and how the Trusted Services
+project helps to achieve them:
+
+.. list-table::
+ :widths: 1 2
+ :header-rows: 1
+
+ * - PSA Certified Goal
+ - Trusted Services Contribution
+ * - Unique Identification
+ - | A unique device identity, assigned during manufacture, may be stored securely
+ | using the Secure Storage trusted service with a suitable platform provided backend.
+ * - Security Lifecycle
+ - | The Attestation trusted service provides an extensible framework for adding claims
+ | to a signed attestation report. The security lifecycle state claim is planned to be
+ | added in a future release.
+ * - Attestation
+ - | A remote third-party may obtain a trusted view of the security state of a device by
+ | obtaining a signed attestation token from the Attestation service.
+ * - Secure Boot
+ - | Secure boot relies on a hardware trust anchor such as a public key hash programmed into
+ | an OTP eFuse array. For firmware that uses TF-A, all firmware components are verified
+ | during the early boot phase.
+ * - Secure Update
+ - | Involves cooperation of a trusted service with other firmware components such as the
+ | boot loader.
+ * - Anti-Rollback
+ - | The Secure Storage service provider can be used with arbitrary storage backends, allowing
+ | platform specific storage to be used. Where the necessary hardware is available, roll-back
+ | protected storage can be provided with a suitable backend.
+ * - Isolation
+ - | The trusted services architectural model assumes that service isolation is implemented using
+ | a hardware backed secure processing environment. A secure partition managed by a Secure
+ | Partition Manager is one method for realizing isolation.
+ * - Interaction
+ - | The FF-A specification defines messaging and memory management primitives that enable
+ | secure interaction between partitions. Importantly, the secure partition manager provides
+ | a trusted view of the identity of a message sender, allowing access to be controlled.
+ * - Secure Storage
+ - | The Secure Storage service provider uses a pre-configured storage backend to provide
+ | an object store with suitable security properties. Two deployments of the secure storage
+ | provider (Internal Trusted Storage and Protected Storage) are included with platform
+ | specific storage backends.
+ * - Cryptographic Service
+ - | The Crypto service provider implements a rich set of cryptographic operations using
+ | a protected key store. Key usage is controlled based on the least privileges principle
+ | where usage flags constrain permitted operations.
+
+Conformance Test Support
+------------------------
+To support API level conformance testing, the `PSA Arch Test project`_ provides a rich set
+of test suites that allow service implementations to be tested. To facilitate running of
+PSA functional API tests, the psa-api-test deployment (see: :ref:`Test Executables`) is
+supported which integrates test suites with service clients. This can be used to run tests
+on a platform and collect tests results to provide visibility to an external assessor.
+
+--------------
+
+.. _`PSA Certified`: https://www.psacertified.org/
+.. _`PSA Arch Test project`: https://github.com/ARM-software/psa-arch-tests.git.
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/certification/system-ready.rst b/docs/certification/system-ready.rst
new file mode 100644
index 0000000..f41625a
--- /dev/null
+++ b/docs/certification/system-ready.rst
@@ -0,0 +1,27 @@
+SystemReady
+===========
+Arm SystemReady is a compliance certification programme that aims to promote a standardized
+view of a platform and its firmware (see: `Arm SystemReady`_). SystemReady may be applied across
+different classes of device, represented by different SystemReady bands, from resource constrained
+IoT devices through to servers. By standardizing the platform and its firmware, generic operating
+systems can be expected to 'just work' on any compliant device.
+
+SystemReady leverages existing open standards such as UEFI. The Trusted Services project
+includes service level components that enable UEFI SMM services to be realized, backed by PSA
+root-of-trust services. As an alternative to EDK2 StMM, the smm-gateway deployment presents
+UEFI compliant SMM service endpoints, backed by the generic Secure Storage and Crypto services.
+For more information, see:
+
+ * :ref:`Secure Partition Images`
+ * :ref:`UEFI SMM Services`
+
+The UEFI features supported by smm-gateway are designed to meet SystemReady requirements for
+the IR band (embedded IoT).
+
+--------------
+
+.. _`Arm SystemReady`: https://developer.arm.com/architectures/system-architectures/arm-systemready
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/conf.py b/docs/conf.py
index e35a28e..feeca38 100644
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -1,7 +1,7 @@
# -*- coding: utf-8 -*-
# -- Metadata about this file ------------------------------------------------
-__copyright__ = "Copyright (c) 2020-2021 Arm Limited and Contributors."
+__copyright__ = "Copyright (c) 2020-2022 Arm Limited and Contributors."
__license__ = "SPDX-License-Identifier: BSD-3-Clause"
# Configuration file for the Sphinx documentation builder.
@@ -31,7 +31,7 @@
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
# ones.
extensions = ['sphinx.ext.autosectionlabel', 'sphinxcontrib.plantuml',
- 'sphinxcontrib.moderncmakedomain', 'sphinx.ext.todo']
+ 'sphinxcontrib.moderncmakedomain' ]
# Add any paths that contain templates here, relative to this directory.
templates_path = ['_templates']
@@ -102,7 +102,3 @@
# -- Options for plantuml ----------------------------------------------------
plantuml_output_format = 'svg_img'
-# -- Options for todo extension ----------------------------------------------
-
-# Display todos
-todo_include_todos = False
diff --git a/docs/developer/deployments/index.rst b/docs/deployments/index.rst
similarity index 93%
rename from docs/developer/deployments/index.rst
rename to docs/deployments/index.rst
index 40a6949..bc98e61 100644
--- a/docs/developer/deployments/index.rst
+++ b/docs/deployments/index.rst
@@ -17,10 +17,10 @@
libraries
tools-demo-apps
-Related deployments:
+Related documentsments:
- :ref:`Project Structure`
- - :ref:`Portability Model`
+ - :ref:`Service Deployment Model`
- :ref:`Build Instructions`
- :ref:`Running Tests`
diff --git a/docs/developer/deployments/libraries.rst b/docs/deployments/libraries.rst
similarity index 97%
rename from docs/developer/deployments/libraries.rst
rename to docs/deployments/libraries.rst
index 2e60d86..25902ef 100644
--- a/docs/developer/deployments/libraries.rst
+++ b/docs/deployments/libraries.rst
@@ -4,6 +4,8 @@
other deployments or external applications. The following library deployments
are currently supported:
+.. _libs-libts:
+
libts
-----
Userspace applications that depend on trusted services may use *libts* for handling
@@ -29,6 +31,8 @@
* - Used by
- * Userspace applications
+.. _libs-libsp:
+
libsp
-----
*libsp* provides a functional interface for using FF-A messaging and memory
diff --git a/docs/developer/deployments/secure-partitions.rst b/docs/deployments/secure-partitions.rst
similarity index 95%
rename from docs/developer/deployments/secure-partitions.rst
rename to docs/deployments/secure-partitions.rst
index 8e6ba24..338363c 100644
--- a/docs/developer/deployments/secure-partitions.rst
+++ b/docs/deployments/secure-partitions.rst
@@ -1,12 +1,12 @@
-Secure Partitions
-=================
+Secure Partition Images
+=======================
Secure partition (SP) deployments are concerned with building SP images that can
be loaded and run under a secure partition manager such as Hafnium or OP-TEE.
SP images will usually include service provider components that expose a
service interface that may be reached using FF-A messages. A set of SP images
will be loaded and verified by device firmware to provide the required services.
-The following SP deployments are currently supported:
+The following deployments that create SP images are currently supported:
crypto
------
@@ -15,7 +15,7 @@
partitions. Backend crypto operations are implemented by the crypto library
component of MbedTLS. This deployment provides the cryptographic facilities
needed for PSA certification. For more information, see:
-:ref:`Crypto Service Description`.
+:ref:`Crypto Service`.
.. list-table::
:widths: 1 2
@@ -34,7 +34,7 @@
trusted view of the boot state of device firmware from the TPM event log
collected by the boot loader. This deployment provides the initial attestation
facility needed for PSA certification. For more information, see:
-:ref:`Attestation Service Description`.
+:ref:`Attestation Service`.
.. list-table::
:widths: 1 2
@@ -54,7 +54,7 @@
different security trade-offs to be made and to support different hardware,
a system integrator may configure which storage backend to use. Secure storage
is a requirement for PSA certification. For more information, see:
-:ref:`Secure Storage Service Description`.
+:ref:`Secure Storage Service`.
.. list-table::
:widths: 1 2
diff --git a/docs/developer/deployments/test-executables.rst b/docs/deployments/test-executables.rst
similarity index 100%
rename from docs/developer/deployments/test-executables.rst
rename to docs/deployments/test-executables.rst
diff --git a/docs/developer/deployments/tools-demo-apps.rst b/docs/deployments/tools-demo-apps.rst
similarity index 100%
rename from docs/developer/deployments/tools-demo-apps.rst
rename to docs/deployments/tools-demo-apps.rst
diff --git a/docs/developer/arch-overview.rst b/docs/developer/arch-overview.rst
index d2f8c4d..c1f985a 100644
--- a/docs/developer/arch-overview.rst
+++ b/docs/developer/arch-overview.rst
@@ -9,7 +9,7 @@
featured trusted OSs, such as OP-TEE, to bare metal secure partitions.
For a more in-depth description of how the ports and adapters pattern is applied, see:
-:ref:`Portability Model`
+:ref:`Service Deployment Model`
Service Model
-------------
@@ -74,6 +74,6 @@
--------------
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/developer/build-instructions.rst b/docs/developer/build-instructions.rst
index d5f23bc..f52fe55 100644
--- a/docs/developer/build-instructions.rst
+++ b/docs/developer/build-instructions.rst
@@ -155,10 +155,10 @@
directly accessible by the target.
* Installed files are incorporated into a third-party build process e.g. OP-TEE.
-The following guides provide instructions on deploying to different environments:
+The following guides provide instructions on deploying services and running programs on FVP:
* :ref:`Deploying trusted services in S-EL0 Secure Partitions under OP-TEE`
-* :ref:`Deploying Programs on FVP`
+* :ref:`Running User-space Programs on FVP`
Batch Building
--------------
diff --git a/docs/developer/image/TSportabilityModel.svg b/docs/developer/image/TSportabilityModel.svg
index e0635c5..d8fcbb6 100644
--- a/docs/developer/image/TSportabilityModel.svg
+++ b/docs/developer/image/TSportabilityModel.svg
@@ -1,3 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?>
+<!-- Do not edit this file with editors other than diagrams.net -->
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
-<svg xmlns="http://www.w3.org/2000/svg" style="background-color: rgb(255, 255, 255);" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="471px" height="371px" viewBox="-0.5 -0.5 471 371" content="<mxfile host="confluence.arm.com" modified="2021-01-21T15:49:55.792Z" agent="Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:84.0) Gecko/20100101 Firefox/84.0" etag="T4OmEHaxOAbJXEuewn-x" version="12.7.1.1" type="atlas"><mxAtlasLibraries/><diagram id="Fh55IqWZiI4TxFe46PeK" name="Page-1">7Zpbc5s4FIB/jWe2D+4YZMf2Y25tZrbddSftNN2XjAwyaAuICvlCf/1KRsIg4ZikxgRv8xLpoAv6zjnSOTI9cB1u3lMY+x+Ji4KePXA3PXDTs21rZA35PyFJpQRYk0ziUexK2U5wj38iKRxI6RK7KCk1ZIQEDMdloUOiCDmsJIOUknW52YIE5Vlj6MkZBzvBvQMDZDT7il3mZ9LJqND6DmHPVzNbA/kkhKqxFCQ+dMm6IAK3PXBNCWFZKdxco0DQU1yyfu/2PM1fjKKI1elAfvzzJ/2azsm3VTL8Mr999B/Tvp2NsoLBUi74M10mDLlceI/oCjuIl2aUrLgaaM++CPhcV3NR8kTpDxjHAXYgwyR6I9fJUgWPLzkWRR9toEci3j5GFIeI8aFy6UyJOJGrtY8Zuo+hI7qtuU1xmc/CgNcsXnQx5UrGYqibhCwF4SuTg0SzQpShTUEkubxHhM9HU95EPgVSRdJIh7K63incmkiZX1B2bqRQGpmXj7zTAy9IVTxDLSNDLe2wXeAguCYBEUNGJELHwd0flnn3wcgADuwK4GDcFPALA/httMKURKFYps6er5OV4SWMku9IQ1VBDwbYE4AdPqxQ1JWgxv0nuJQPQuy6YppKbVGyjFwk1jE4jiby3Upqwh6bpj+ssvym9DA29ABdGAtUug7KLA7YdjN2nGNINZoFeqNT0pt0ml7FtntSetNO05u0TE+dhd3A1wevzHUtq9P42vZdywxku4SvdecFBr5ZANmC0NDgdzbBj32hhaF2y8GPSpafCvv5MDz13ceoecu1NNOdmqF7leWCxpjVSJVQ5F6KqwBhegFMEuyUUaENZg+F8jdhY29HsnazkSa3raSqEvG3fyhWCr1EdddtW1P99uqAp1zUQTWsg0HqIVbjJEauutrYo9MDOlMyivhWgFflC5EqRcoZZgSLnGmvyQwHmjFkS5fdijcY+kiT8kBgpA2UoTEG2hpWvu5fsDUzSzze6dKzwWL7d6TNTY9vTD+tyrAbu9GwzNykM+yGbbMzM5POsJu0zE5N1g12rw2emZR0B17bXqtYdRJe28eFbSYkBrwDuGASZz8ILfBGIG6SH88/NYBVV9qnjIvtOrnEWcTFylQOx8VyxN9x8ZHjYrtODvaSvPXYu5wGPN++DjhpYwm/XSOhaNRJrVM56bSmjypTOjsfHWo+ahjVHh/luodpoVksGiT73xhY2kE0HTz5Xnp77SsCXsje4Lgbhvkzn2H31CfhfJm0umH0tVPdrgiLTnuq18gE1YcBThrgyN3esx4gOM+i0A/zXACd7942Nv17yfgoqHnUQEM9td/WC0FVoHV01qBG/H4eEdS47uY8PdPNue0ACtTIds7DrS3Qvl//bzKjSU2/Vub3269f7tfj9Mt0Pftr/u8D++xfkk8f7+5oxdeVL7a0wTMs7eUWowKzV2sJ+oVTbUvQf3GfNhN+6xZnfJR7oL0Wrj83/ObV3QfFWfPdd9ng9j8=</diagram></mxfile>"><defs/><g><path d="M 197.5 90 L 302.5 90 L 355 180 L 302.5 270 L 197.5 270 L 145 180 Z" fill="#ffffff" stroke="#000000" stroke-miterlimit="10" transform="rotate(90,250,180)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 180px; margin-left: 161px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Trusted Service Provider<br />(application)</div></div></div></foreignObject><text x="250" y="184" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Trusted Service Provider...</text></switch></g><path d="M 157.5 25 L 342.5 25 L 435 185 L 342.5 345 L 157.5 345 L 65 185 Z" fill="none" stroke="#000000" stroke-miterlimit="10" transform="rotate(90,250,185)" pointer-events="all"/><rect x="230" y="305" width="40" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 315px; margin-left: 231px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Environment</div></div></div></foreignObject><text x="250" y="319" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Enviro...</text></switch></g><rect x="350" y="135" width="50" height="20" fill="none" stroke="#000000" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 48px; height: 1px; padding-top: 145px; margin-left: 351px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">adapter</div></div></div></foreignObject><text x="375" y="149" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">adapter</text></switch></g><rect x="350" y="175" width="50" height="20" fill="none" stroke="#000000" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 48px; height: 1px; padding-top: 185px; margin-left: 351px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">adapter</div></div></div></foreignObject><text x="375" y="189" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">adapter</text></switch></g><rect x="350" y="215" width="50" height="20" fill="none" stroke="#000000" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 48px; height: 1px; padding-top: 225px; margin-left: 351px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">adapter</div></div></div></foreignObject><text x="375" y="229" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">adapter</text></switch></g><rect x="100" y="135" width="50" height="20" fill="none" stroke="#000000" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 48px; height: 1px; padding-top: 145px; margin-left: 101px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">adapter</div></div></div></foreignObject><text x="125" y="149" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">adapter</text></switch></g><rect x="100" y="175" width="50" height="20" fill="none" stroke="#000000" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 48px; height: 1px; padding-top: 185px; margin-left: 101px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">adapter</div></div></div></foreignObject><text x="125" y="189" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">adapter</text></switch></g><rect x="100" y="215" width="50" height="20" fill="none" stroke="#000000" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 48px; height: 1px; padding-top: 225px; margin-left: 101px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">adapter</div></div></div></foreignObject><text x="125" y="229" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">adapter</text></switch></g><rect x="390" y="15" width="40" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 25px; margin-left: 391px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Platform</div></div></div></foreignObject><text x="410" y="29" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Platfo...</text></switch></g><ellipse cx="25" cy="145" rx="25" ry="15" fill="transparent" stroke="#000000" pointer-events="all"/><path d="M 50 145 L 93.63 145" fill="none" stroke="#000000" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 98.88 145 L 91.88 148.5 L 93.63 145 L 91.88 141.5 Z" fill="#000000" stroke="#000000" stroke-miterlimit="10" pointer-events="all"/><rect x="150" y="140" width="20" height="10" fill="#ffffff" stroke="#000000" pointer-events="all"/><rect x="150" y="180" width="20" height="10" fill="#ffffff" stroke="#000000" pointer-events="all"/><rect x="150" y="220" width="20" height="10" fill="#ffffff" stroke="#000000" pointer-events="all"/><rect x="330" y="220" width="20" height="10" fill="#ffffff" stroke="#000000" pointer-events="all"/><rect x="330" y="180" width="20" height="10" fill="#ffffff" stroke="#000000" pointer-events="all"/><rect x="330" y="140" width="20" height="10" fill="#ffffff" stroke="#000000" pointer-events="all"/><rect x="10" y="170" width="30" height="30" fill="#ffffff" stroke="#000000" pointer-events="all"/><path d="M 40 185 L 93.63 185" fill="none" stroke="#000000" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 98.88 185 L 91.88 188.5 L 93.63 185 L 91.88 181.5 Z" fill="#000000" stroke="#000000" stroke-miterlimit="10" pointer-events="all"/><ellipse cx="375" cy="255" rx="15" ry="10" fill="#ffffff" stroke="#000000" pointer-events="all"/><path d="M 400 225 L 430 225 Q 440 225 440 235 L 440 245 Q 440 255 430 255 L 396.37 255" fill="none" stroke="#000000" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 391.12 255 L 398.12 251.5 L 396.37 255 L 398.12 258.5 Z" fill="#000000" stroke="#000000" stroke-miterlimit="10" pointer-events="all"/><path d="M 125 240 L 140 255 L 125 270 L 110 255 Z" fill="#ffffff" stroke="#000000" stroke-miterlimit="10" pointer-events="all"/><path d="M 450 134.5 C 450 125.17 470 125.17 470 134.5 L 470 155.5 C 470 164.83 450 164.83 450 155.5 Z" fill="#ffffff" stroke="#000000" stroke-miterlimit="10" pointer-events="all"/><path d="M 450 134.5 C 450 141.5 470 141.5 470 134.5" fill="none" stroke="#000000" stroke-miterlimit="10" pointer-events="all"/><path d="M 400 145 L 443.63 145" fill="none" stroke="#000000" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 448.88 145 L 441.88 148.5 L 443.63 145 L 441.88 141.5 Z" fill="#000000" stroke="#000000" stroke-miterlimit="10" pointer-events="all"/><path d="M 450 174.5 C 450 165.17 470 165.17 470 174.5 L 470 195.5 C 470 204.83 450 204.83 450 195.5 Z" fill="#ffffff" stroke="#000000" stroke-miterlimit="10" pointer-events="all"/><path d="M 450 174.5 C 450 181.5 470 181.5 470 174.5" fill="none" stroke="#000000" stroke-miterlimit="10" pointer-events="all"/><path d="M 400 185 L 443.63 185" fill="none" stroke="#000000" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 448.88 185 L 441.88 188.5 L 443.63 185 L 441.88 181.5 Z" fill="#000000" stroke="#000000" stroke-miterlimit="10" pointer-events="all"/><path d="M 110 255 L 60 255 Q 50 255 50 245 L 50 235 Q 50 225 60 225 L 93.63 225" fill="none" stroke="#000000" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 98.88 225 L 91.88 228.5 L 93.63 225 L 91.88 221.5 Z" fill="#000000" stroke="#000000" stroke-miterlimit="10" pointer-events="all"/></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://desk.draw.io/support/solutions/articles/16000042487" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Viewer does not support full SVG 1.1</text></a></switch></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" style="background-color: rgb(255, 255, 255);" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="471px" height="371px" viewBox="-0.5 -0.5 471 371" content="<mxfile host="confluence.arm.com" modified="2022-09-02T12:38:49.699Z" agent="5.0 (X11)" etag="gZJ4USVuZGaly2bdFk2b" version="20.1.4" type="atlas"><mxAtlasLibraries/><diagram id="Fh55IqWZiI4TxFe46PeK" name="Page-1">7Zpbk5s2FIB/jWfaB2cMwmv7cW/Ndtq07mwy2fQlI4MMagBRIV/Ir69kJAwSjtmNMYubfVnpoAv6zjnSOTIDcBtt31KYBO+Ih8KBPfK2A3A3sG1rDAD/JySZlNjAySU+xZ6U7QWP+CuSwpGUrrCH0kpDRkjIcFIVuiSOkcsqMkgp2VSbLUlYnTWBvpxxtBc8ujBERrOP2GNBLp2OS60fEPYDNbM1kk8iqBpLQRpAj2xKInA/ALeUEJaXou0tCgU9xSXv98uBp8WLURSzJh3Iv3//Rj9mC/JpnTofFvefg8/Z0M5HWcNwJRf8nq5ShjwufER0jV3ES3NK1lwNdGBfhXyum4Uo+aL0E0ySELuQYRL/LNfJMgWPLzkRxQBtoU9i3j5BFEeI8aEK6VyJOJGbTYAZekygK7ptuE1xWcCikNcsXvQw5UrGYqi7lKwE4RuTg0SzRpShbUkkubxFhM9HM95EPgVSRdJIHVnd7BVuTaUsKCm7MFIojcwvRt7rgRekKp6hlrGhlm7YLnEY3pKQiCFjEqPT4B46Vd5DMDaAA7sGOJi0BfzKAP5rvKQwZXTlshVFBn6+VFblx9uSL0ijVQMQhtgXjF0OUOjqRoDjLhReywcR9jwxTa3CKFnFHhJLGZ1GGcWGJZVhT0zrd+qMvy1VTAxVQA8mApWugyqLI+bdjikXGDKNZone+Jz0pr2mV7PznpXerNf0ph3TU8dhP/ANwStzXcvqNb6ufdcyY9k+4evceYGBbx5CtiQ04uPdx2tMSRyJBV9sKGRfaXGp3XEoZDmGTgz6fBieCx9i1L4dW5ohz8xYvs6OQWvMGuROKPauxd2AML0Qpil2q6jQFrOnUvmTsLE3Y1m720qT21UyVYn52z+VK6Veorrvtqupfgd1wHMw6qIG1sEg9RFrcC4jT911HNDpEZ0pGUV8Y8Dr6g1JnSLlDHOCxbZx0GSckWYM+dJlt/KVhj7StDoQGGsD5WiMgXaGVaz7O2zNTBtPd9YMbLDc/Z1oc9OjHdNP61Lu1q44LDNT6Q07p2t2Zp7SG3bTjtmpyfrB7rXBM1OU/sDr2msVq17C6/q4sM30xIB3BBdMk/wXoiXeCsRt8uPZqAaw7o77nHGx3SSXuIi4WJnK8bhYjvgjLj5xXGw3ycFekreeepfTgBfb1xEnbS3htxskFK06qXUuJ5019FFlShfno47mo4ZRHfBRrnuYlZolokF6+I2BpR1Es9E330tvr31WwAv5G5x2wzB/9DPsngYkWqzSTjeMoXaq2zVh0XlP9QaZoPpSwM1CHHu7e9YjBBd5FPr7ohBA94u/i03/XDE+CmofNdBQz+w3zUJQFWidnDVoEL9fRgQ1abo5zy50c+46gAINsp3LcGsLdO/X/5vMaNrQr5X5/fDrl/v1JPsw28z/WPzzxN4H1+Svdw8PtOZzyxdb2ugZlvZyi1GB2au1BP3CqbEl6L+/z9oJv3WLM77SPdJeC9efG37z6v4L47z5/kNtcP8f</diagram></mxfile>"><defs/><g><path d="M 197.5 90 L 302.5 90 L 355 180 L 302.5 270 L 197.5 270 L 145 180 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" transform="rotate(90,250,180)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 180px; margin-left: 161px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Trusted Service Provider<br />(application)</div></div></div></foreignObject><text x="250" y="184" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Trusted Service Provider...</text></switch></g><path d="M 157.5 25 L 342.5 25 L 435 185 L 342.5 345 L 157.5 345 L 65 185 Z" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" transform="rotate(90,250,185)" pointer-events="all"/><rect x="230" y="305" width="40" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 315px; margin-left: 231px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Infrastructure</div></div></div></foreignObject><text x="250" y="319" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Infras...</text></switch></g><rect x="350" y="135" width="50" height="20" fill="none" stroke="rgb(0, 0, 0)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 48px; height: 1px; padding-top: 145px; margin-left: 351px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">adapter</div></div></div></foreignObject><text x="375" y="149" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">adapter</text></switch></g><rect x="350" y="175" width="50" height="20" fill="none" stroke="rgb(0, 0, 0)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 48px; height: 1px; padding-top: 185px; margin-left: 351px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">adapter</div></div></div></foreignObject><text x="375" y="189" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">adapter</text></switch></g><rect x="350" y="215" width="50" height="20" fill="none" stroke="rgb(0, 0, 0)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 48px; height: 1px; padding-top: 225px; margin-left: 351px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">adapter</div></div></div></foreignObject><text x="375" y="229" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">adapter</text></switch></g><rect x="100" y="135" width="50" height="20" fill="none" stroke="rgb(0, 0, 0)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 48px; height: 1px; padding-top: 145px; margin-left: 101px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">adapter</div></div></div></foreignObject><text x="125" y="149" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">adapter</text></switch></g><rect x="100" y="175" width="50" height="20" fill="none" stroke="rgb(0, 0, 0)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 48px; height: 1px; padding-top: 185px; margin-left: 101px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">adapter</div></div></div></foreignObject><text x="125" y="189" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">adapter</text></switch></g><rect x="100" y="215" width="50" height="20" fill="none" stroke="rgb(0, 0, 0)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 48px; height: 1px; padding-top: 225px; margin-left: 101px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">adapter</div></div></div></foreignObject><text x="125" y="229" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">adapter</text></switch></g><rect x="390" y="15" width="40" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 25px; margin-left: 391px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Platform/Environment</div></div></div></foreignObject><text x="410" y="29" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Platfo...</text></switch></g><ellipse cx="25" cy="145" rx="25" ry="15" fill="transparent" stroke="rgb(0, 0, 0)" pointer-events="all"/><path d="M 50 145 L 93.63 145" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 98.88 145 L 91.88 148.5 L 93.63 145 L 91.88 141.5 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><rect x="150" y="140" width="20" height="10" fill="#ffffff" stroke="rgb(0, 0, 0)" pointer-events="all"/><rect x="150" y="180" width="20" height="10" fill="#ffffff" stroke="rgb(0, 0, 0)" pointer-events="all"/><rect x="150" y="220" width="20" height="10" fill="#ffffff" stroke="rgb(0, 0, 0)" pointer-events="all"/><rect x="330" y="220" width="20" height="10" fill="#ffffff" stroke="rgb(0, 0, 0)" pointer-events="all"/><rect x="330" y="180" width="20" height="10" fill="#ffffff" stroke="rgb(0, 0, 0)" pointer-events="all"/><rect x="330" y="140" width="20" height="10" fill="#ffffff" stroke="rgb(0, 0, 0)" pointer-events="all"/><rect x="10" y="170" width="30" height="30" fill="#ffffff" stroke="rgb(0, 0, 0)" pointer-events="all"/><path d="M 40 185 L 93.63 185" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 98.88 185 L 91.88 188.5 L 93.63 185 L 91.88 181.5 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><ellipse cx="375" cy="255" rx="15" ry="10" fill="#ffffff" stroke="rgb(0, 0, 0)" pointer-events="all"/><path d="M 400 225 L 430 225 Q 440 225 440 235 L 440 245 Q 440 255 430 255 L 396.37 255" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 391.12 255 L 398.12 251.5 L 396.37 255 L 398.12 258.5 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 125 240 L 140 255 L 125 270 L 110 255 Z" fill="#ffffff" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 450 134.5 C 450 125.17 470 125.17 470 134.5 L 470 155.5 C 470 164.83 450 164.83 450 155.5 Z" fill="#ffffff" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 450 134.5 C 450 141.5 470 141.5 470 134.5" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 400 145 L 443.63 145" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 448.88 145 L 441.88 148.5 L 443.63 145 L 441.88 141.5 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 450 174.5 C 450 165.17 470 165.17 470 174.5 L 470 195.5 C 470 204.83 450 204.83 450 195.5 Z" fill="#ffffff" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 450 174.5 C 450 181.5 470 181.5 470 174.5" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 400 185 L 443.63 185" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 448.88 185 L 441.88 188.5 L 443.63 185 L 441.88 181.5 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 110 255 L 60 255 Q 50 255 50 245 L 50 235 Q 50 225 60 225 L 93.63 225" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 98.88 225 L 91.88 228.5 L 93.63 225 L 91.88 221.5 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.diagrams.net/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg>
\ No newline at end of file
diff --git a/docs/developer/index.rst b/docs/developer/index.rst
index 5fe886f..4ea55f5 100644
--- a/docs/developer/index.rst
+++ b/docs/developer/index.rst
@@ -1,5 +1,5 @@
-Developer Docs
-==============
+Developer Documents
+===================
.. toctree::
:maxdepth: 1
@@ -7,11 +7,9 @@
arch-overview
project-structure
- portability-model
+ service-deployment-model
service-access-protocols
service-locator
- deployments/index
- service-descriptions/index
software-requirements
build-instructions
running-tests
diff --git a/docs/developer/portability-model.rst b/docs/developer/portability-model.rst
deleted file mode 100644
index 8305cb2..0000000
--- a/docs/developer/portability-model.rst
+++ /dev/null
@@ -1,211 +0,0 @@
-Portability Model
-=================
-
-Within the Trusted Services project, an environment represents the execution environment for an application such
-as a trusted service provider. Some example environments are:
-
- - *opteesp* - Secure partition managed by OP-TEE.
- - *opteeta* - TA running under OP-TEE with access to the Global Platform internal API.
- - *hfsp* - Secure partition managed by Hafnium.
-
-An underlying TEE or SPM that manages a secure processing environment will have its own model for porting to different hardware.
-For example, OP-TEE has its own driver model that allows for alternative hardware drivers. In some cases, a secure processing
-environment will not provide native support for all hardware that an application depends on. To address this, the TS
-portability model allows:
-
- - Application interfaces to be adapted to services natively provided by a secure processing environment if they are available.
- - Adapting to platform provided drivers when no native environment support is available.
-
-Ports and Adapters Architecture
--------------------------------
-
-An application is decoupled from any particular environment via a set of interfaces that reflect the needs of the application.
-This model conforms to the *ports and adapters* architectural pattern that aims to avoid tight coupling between application
-components and any particular environment. This pattern, also known as the *hexagonal architecture*, is often illustrated as
-a hexagonal cell with the application on the inside and the platform on the outside.
-
-The following diagram illustrates how ports and adapters is applied in the trusted services project to provide a model for
-application portability.
-
-.. image:: image/TSportabilityModel.svg
-
-The portability model has the following characteristics:
-
- - The application is decoupled from the environment by a set of virtual interfaces (ports) that reflect the needs of the
- application.
- - Those interfaces are realized by a set of adapters that either use native environment services or platform provided
- services.
- - For a given environment, the set of adapters that realize interfaces used by an application will always be the same,
- independent of the platform.
- - A platform presents interfaces that conform to conventional driver and middleware abstractions such as block drivers and
- filesystems.
- - The set of platform interfaces that an application depends on is defined by the set of adapters used for a deployment of an
- application in a particular environment. This can form the basis for a platform configuration.
-
-The need to use platform provided components will depend on the native features provided by an environment. For example, the
-*opteeta* environment represents the TA environment provided by OP-TEE. In its role as a trusted OS, OP-TEE provides access to
-an implementation of the Global Platform Internal Core API that provides services such as secure storage. Usage of any back-end
-hardware is handled by OP-TEE and its own OS components so no additional provision is needed. Bare metal environments such as
-secure partitions offer few native facilities so it may be necessary to map application interfaces to platform provided drivers.
-Mapping application interfaces to platform drivers is a way of extending the native services provided by an environment.
-
-The portability model allows for an arbitrary partitioning of hardware-backed services between native environment services and
-platform drivers.
-
-Portability Model Example
--------------------------
-
-To illustrate usage of the portability model, consider deployments of the following two trusted services:
-
- - fTPM based on the Microsoft TPM2.0 reference implementation.
- - trustedfirmware.org Crypto service based on the Mbed TLS library.
-
-The Microsoft TPM2.0 reference and Mbed TLS both define their own platform interfaces to allow for platform specific
-implementations of features such as roll-back protected storage and entropy. Although some interfaces are similar between the
-two implementations, they are not the same. These interfaces are classed as ports within the ports and adapters architecture.
-To simplify the example, just the entropy platform dependency is considered. Both fTPM and Crypto service providers need access
-to a cryptographic grade RNG to support key generation. How the RNG is realized will depend on:
-
- - What facilities the environment natively provides.
- - What other trusted services are available on the device.
- - Whether the environment allows for platform specific access to hardware.
- - Availability of a spare hardware TRNG instance.
-
-Adapters will be responsible for adapting both fTPM and Crypto views of an entropy source to a suitable realization.
-Some example adapters:
-
-fTPM adapters that realize MS entropy interface (port)
-''''''''''''''''''''''''''''''''''''''''''''''''''''''
- - *Adapts to crypto service* - Uses crypto service generate_random operation
- - *Adapts to TEE API* - Uses native TEE OS
- - *Adapts to TRNG* - Uses platform TRNG hardware
-
-Crypto adapters that realize Mbed TLS entropy source interface (port)
-'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
- - *Adapts to fTPM* - Uses TPM2 getrandom command
- - *TEE API* - Uses native TEE OS
- - *TRNG* - Uses platform TRNG hardware
-
-The above examples reveal that for a given environment, a port may be realized by more than one type of adapter. For example, an
-fTPM deployed within a secure partition could source entropy from either TRNG hardware or from the Crypto service. This
-ambiguity may be resolved by various strategies such as:
-
- 1. Allow a service profile to be applied at build time that defines a core set of mandatory trusted services. A build-time
- selection of alternative adapters is made, based on available core services.
- 2. A built image for a trusted service deployment to a particular environment includes the superset of adapters that could be
- used. A runtime configuration is applied, that specifies which adapters to use.
-
-Providing Platform Firmware
----------------------------
-
-A goal of the TS project is to reduce barriers to deploying trusted services on different hardware platforms. To this end,
-build-time and run-time coupling between TS project and platform components should be minimized. Platform providers should be
-free to make any of the following choices:
-
- - Reuse existing drivers and driver frameworks (e.g. from tf-a, an RTOS, CMSIS).
- - Provide platform components as part of a BSP.
- - Maintain platform components in separate repos.
- - Operate independent test, bug reporting and release processes for platform components.
- - Control the logical organization and naming of different platforms within the TS project.
- - Maintain whatever platform configuration files that are needed within the provider's sub-tree within the TS project.
-
-The platform top-level directory within the TS project provides a structure that allows platform specific components to be
-contributed by different providers. Different providers are represented beneath the platform/providers directory. The virtual
-platform interfaces used by some adapters are defined under platform/interface. The directory structure beneath a platform
-provider's parent is organized to reflect the provider's own naming scheme for different hardware. Supported platforms are each
-represented by a leaf sub-directory within the provider's subtree.
-
-For Arm provided platforms, the structure will look something like this::
-
- platform
- |-- interface
- |-- providers
- |--arm
- |-- corstone700
- |-- fvp
- |-- fvp_base_aemva
- |-- fvp_base_revc-2xaemv8a
- |-- platform.cmake
-
-Under each platform leaf directory is a file called *platform.cmake*. This file implements the common configuration and build
-interface that will be used during the deployment build process. How this interface is realized is entirely down to the
-platform provider. An implementation will do things like setting configuration variables for SoC, board and driver selection.
-Any additional files needed to support platform configuration and build may be included within the platform provider's sub-tree.
-
-For product developers who want to define and maintain their own private platforms, it should be possible to override the
-default platform/providers directory path to allow an alternative sub-tree to be used. A product developer is free to organize
-a private sub-tree in any way that suites their needs.
-
-Although the TS project structure doesn't mandate it, platform specific firmware is likely to live outside of the TS project.
-The ability to reuse existing drivers and driver frameworks is important for promoting adoption across hardware from different
-vendors. Board and silicon vendors may reuse existing CI and project infrastructure for platform components that they maintain.
-
-Some special platforms are provided by the TS project itself. These are represented beneath the *ts* provider.
-Current TS platforms are:
-
-.. list-table::
- :header-rows: 1
- :widths: 10, 90
-
- * - TS Platform
- - Purpose
- * - ts/vanilla
- - | A platform that never provides any drivers. The ts/vanilla platform should be used when an environment provides its own
- | device framework and no additional drivers need to be provided by the platform. An attempt to build a deployment with
- | platform dependencies on the vanilla platform will result in a build-time error. The vanilla platform is selected by
- | default at build-time if no explicit platform has been specified.
- * - ts/mock
- - | A platform that provides a complete set of drivers that may be selected when building any deployment. The platform uses
- | mock drivers that don't offer functionality suitable for production builds. The mock platform is useful for CI build
- | testing of deployments with platform dependencies. You should always expect a deployment with platform dependencies to
- | build when TS_PLATFORM=ts/mock.
-
-Determining a Platform Configuration for a Deployment
------------------------------------------------------
-
-The TS project supports building and installing an application image into different environments that could be hosted on
-different hardware platforms. A platform is characterized by SoC and board-level hardware and possibly by OS type components
-such as device drivers and middleware. To deploy an application that depends on platform drivers, you need to tie-down:
-
- - *Application name* - such as the name of the service e.g. crypto, secure-storage, attestation, tpm.
- - *Environment* - the environment in which the application will run e.g. bare metal secure partition, Global Platform TEE,
- Trusty TEE, microcontroller RTOS.
- - *Platform* - the hardware platform that hosts the environment.
-
-The following example illustrates how these parameters are specified via the deployment build command line::
-
- cd trusted-services/deployments/crypto/opteesp
- cmake -S . -B build -DTS_PLATFORM=arm/fvp/fvp_base_revc-2xaemv8a
-
-The combination of <application name> + <environment> allows a set of build-time platform dependencies to be generated, based on
-the set of adapter components used for the deployment. This information is passed via the platform build interface to the
-platform.cmake file for the specified platform via a CMake target property called TS_PLATFORM_DRIVER_DEPENDENCIES. The
-translation of the platform dependency information to a suitable build configuration is handled by the platform.cmake file for
-the selected platform. This separation gives a platform provider the freedom to use their own configuration conventions when
-reusing existing drivers.
-
-To allow for out-of-tree platform definitions, the root path for platform definitions may be modified by providing an
-alternative value for TS_PLATFORM_ROOT. Both TS_PLATFORM and TS_PLATFORM_ROOT may be set via the CMake command line or using
-environment variables.
-
-Adapters
---------
-
-As described above, the role of an adapter conforms to the Ports and Adapters pattern. With reference to the hexagonal cell
-representation, an adapter implements an application defined inside interface and adapts it to either an environment interface
-or an outside platform interface. Within the TS project, adapters are treated like any other software component and may be
-reused whenever appropriate. However, because an adapter implements an application defined interface, adapter implementations
-will tend to be tied to a particular application or component. The complexity of adapter implementations can vary a lot and
-will depend on how closely an inside interface matches either an outside interface or an environment interface.
-
-The collection of adapters used for a deployment is defined by the environment specific build file for a deployment. Deployment
-of the same service into a different environment may result in a different set of adapters being used. As each adapter is
-treated as a separate component, a separate component.cmake file exists for each adapter. When an adapter depends on one or
-more platform interfaces, the dependency must be declared in the adapter's component.cmake file. This information forms the
-basis for the platform build configuration.
-
---------------
-
-*Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.*
-
-SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/developer/project-structure.rst b/docs/developer/project-structure.rst
index b69af98..3f0e717 100644
--- a/docs/developer/project-structure.rst
+++ b/docs/developer/project-structure.rst
@@ -93,7 +93,7 @@
For some deployments, an environment may not provide access to all hardware backed services needed by an
application. Files under the platforms directory are concerned with configuring and building platform specific
code that extends the capabilities of an environment. Details of how this works are described in the:
-:ref:`Portability Model`
+:ref:`Service Deployment Model`
components
''''''''''
@@ -206,6 +206,6 @@
--------------
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/developer/service-deployment-model.rst b/docs/developer/service-deployment-model.rst
new file mode 100644
index 0000000..9f79999
--- /dev/null
+++ b/docs/developer/service-deployment-model.rst
@@ -0,0 +1,292 @@
+Service Deployment Model
+========================
+A goal of the Trusted Services project is to provide a toolbox of reusable service components
+that can be deployed across a wide range of platforms. The project structure promotes reuse by
+grouping related source files into subdirectories that represent reusable components. Components
+may be configured and combined in different ways to meet the needs of platform integrators who
+aim to create firmware with the right features and tradeoffs for their products.
+
+Within the TS project structure, build files that combine and configure components to create
+deployable firmware images reside under the deployments top-level directory. Beneath the
+deployments parent are sub-directories concerned with building and deploying different
+applications. Applications can generally be classified as one of the following:
+
+ - Service providers
+ - Test suites
+ - Libraries
+ - Development support applications
+
+This page is mainly concerned with describing the conventions used to enable service providers
+to be deployed in different environments, on different platforms and with different capabilities.
+The conventions aim to minimize build definition duplication between alternative deployments
+while offering sufficient flexibility to customize capabilities and support different platforms.
+The service deployment model borrows from a pattern used for deploying cloud services where There
+is a similar requirement for deployment flexibility.
+
+Ports and Adapters Architecture
+-------------------------------
+An application is decoupled from any particular environment via a set of interfaces that reflect
+the needs of the application. This model conforms to the ports and adapters architectural
+pattern that aims to avoid tight coupling between application components and any particular
+environment. This pattern, also known as the hexagonal architecture, is often illustrated as a
+hexagonal cell with the application on the inside and the platform on the outside.
+
+The following diagram illustrates how ports and adapters is applied in the trusted services
+project to provide a model for service provider deployment.
+
+.. image:: image/TSportabilityModel.svg
+
+This deployment model has the following characteristics:
+
+ - The application is decoupled from the environment by a set of virtual interfaces (ports)
+ that reflect the needs of the application.
+ - Ports are realized by a set of adapters. An adapter may:
+
+ * Use a service/device provided by the platform or environment.
+ * Communicate with another service provider.
+ * Provide a self-contained implementation.
+ - The set of adapters that the application depends on represents the infrastructure that is
+ needed to support the application.
+ - Different infrastructure realizations may be needed for different deployments of the same
+ service provider.
+
+Service Deployment Structure
+----------------------------
+By convention, the directory structure for service provider deployments reflects the layers in
+the ports and adapters architecture. The following dependency diagram illustrates the set of
+relationships that exist for a fully defined deployment:
+
+.. uml:: uml/ServiceDeploymentDependencies.puml
+
+To avoid undesirable build definition duplication when adding new deployments of an application,
+the directory structure used to organize files related to different deployments should reflect
+the above model. The following table lists reusable build components that may be used across
+different deployment definitions:
+
+.. list-table::
+ :widths: 10 20 20
+ :header-rows: 1
+
+ * - Build Component
+ - Defines
+ - Reuse Scope
+ * - Application
+ - | Set of components that form the core application to be deployed.
+ - | All deployments of the application.
+ * - Infra
+ - | The set of adapters that realize the ports that the application depends on.
+ | An infrastructure definition may depend on:
+
+ * Environment specific components.
+ * Drivers that conform to a driver model.
+ * Platform specific drivers.
+ - | Any deployment that uses the same infrastructure to support the application.
+ | This will depend on how specific the infrastructure is. An infrastructure
+ | definition may allow for some level of configurability to enable deployment
+ | to impose a particular build configuration. Where an infrastructure includes
+ | adapters that use a well supported driver model (such as UEFI), the scope
+ | for reuse is large.
+ * - Env
+ - | The set of environment specific components that are common across all
+ | deployments of an application for a particular environment.
+ - | All deployments of the application into a specific environment. There is
+ | scope to improve reuse of environment specific components across multiple
+ | deployments.
+ * - Config
+ - | Build configuration variables together with a particular application, infra
+ | and env.
+ - | Depends on how specific the config is.
+
+Deployment Directory Structure
+------------------------------
+Using the block-storage deployment as an example, the deployment directory structure reflects
+the service deployment model as follows::
+
+ deployments
+ |- block-storage
+ |- block-storage.cmake - Common application build definition
+ |- env - Environment specific build definitions
+ |- infra - Alternative infrastructures
+ |- config - Configurations for block-storage deployments
+
+Configuration Definitions
+^^^^^^^^^^^^^^^^^^^^^^^^^
+To build a particular configuration of the block-storage service provider (in this case, one
+that uses flash storage on the N1SDP platform), use::
+
+ cd deployments/block-storage/config/n1sdp-flash
+ cmake -B build
+ cd build
+ make
+
+The CMakeLists.txt file for the n1sdp-flash deployment of the block-storage service provider
+includes:
+
+ - Set TS_PLATFORM to n1sdp platform name
+ - Set any build configuration parameter overrides
+ - Include ``${DEPLOYMENT_ROOT}/env/opteesp.cmake``
+ - Include ``${DEPLOYMENT_ROOT}/infra/edk2-flash.cmake``
+ - Include ``${DEPLOYMENT_ROOT}/block-storage.cmake``
+
+Each alternative deployment of the block-storage service provider is represented by a
+subdirectory under ``${DEPLOYMENT_ROOT}/config``. The number of directories under config is
+likely to grow to accommodate platform variability and different tradeoffs for how the infrastructure
+for an application will be realized.
+
+To support test and to provide a starting point for new config definitions, a default config should
+exist for each supported environment.
+
+Infrastructure Definitions
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+An infrastructure defines a set of adapter components that realize the ports that the application
+depends on. For block-storage deployments, some possible infrastructures are:
+
+.. list-table::
+ :header-rows: 1
+ :widths: 10, 40
+
+ * - Infra Name
+ - Description
+ * - ref-ram
+ - Provides volatile storage using the reference partition configuration. Intended for test.
+ * - edk2-flash
+ - Provides persistent storage using a flash driver that conforms to the EDK2 driver model.
+ * - tfa-flash
+ - Provides persistent storage using a flash driver that conforms to the TF-A driver model.
+ * - rpmb
+ - Provides persistent storage using an RPMB partition, accessed via a Nwd agent.
+
+Platform Support
+----------------
+The Trusted Services project is not intended to be a home for platform specific code such as
+device drivers. Ideally, device drivers and other platform specific code should be reused
+from external upstream repos such as edk2-platforms. The ports and adapters pattern allows
+alternative driver models to be accommodated so different upstream projects with different
+driver models may be used without the need to modify driver code. Where driver reuse from
+an external project is not possible, the platform directory structure can accommodate driver
+components that reside within the TS project.
+
+The ability to accommodate third-party device drivers that conform to different driver models
+is important for enabling TS components to be used across different segments. The EDK2
+project for example can provide a rich source of drivers that conform to the UEFI model.
+UEFI is not however adopted in all product segments.
+
+All files related to supporting different platforms reside beneath the platform top-level
+directory.
+
+Platform Providers
+^^^^^^^^^^^^^^^^^^
+Within the TS project, a platform provider is responsible for adding and maintaining the
+glue that enables platform specific code to be used from a particular source. The platform
+code will either be:
+
+ - Fetched from an upstream repo (preferred)
+ - Added to the TS project.
+
+Each platform provider is represented by a subdirectory beneath ``platform/providers``. For
+Arm provided platforms, the structure will look something like this::
+
+ platform
+ |-- providers
+ |--arm
+ |-- corstone1000
+ |-- fvp
+ |-- fvp_base_aemva
+ |-- fvp_base_revc-2xaemv8a
+ |-- platform.cmake
+
+Under each platform leaf directory is a file called ``platform.cmake``. This file implements
+the common configuration and build interface that will be used during the deployment build
+process. How this interface is realized is entirely down to the platform provider. An
+implementation will do things like setting configuration variables for SoC, board and driver
+selection. Any additional files needed to support platform configuration and build may be
+included within the platform provider's sub-tree.
+
+For product developers who want to define and maintain their own private platforms, it should
+be possible to override the default ``platform/providers`` directory path to allow an
+alternative sub-tree to be used. A product developer is free to organize a private sub-tree
+in any way that suites their needs.
+
+Although the TS project structure doesn't mandate it, platform specific firmware is likely
+to live outside of the TS project. The ability to reuse existing drivers and driver frameworks
+is important for promoting adoption across hardware from different vendors. Board and silicon
+vendors may reuse existing CI and project infrastructure for platform components that they
+maintain.
+
+Platform support that depends on EDK2 platform components is represented by the edk2 platform
+provider. Files related to the EDK2 platform provider are organized as follows::
+
+ platform
+ |- providers
+ |- edk2
+ |- edk2-platforms.cmake - Fetches the upstream edk2-platforms repo
+ |- platform - Directory for platform definitions, organized by contributor
+ |- arm
+ |- n1sdp
+ |- platform.cmake
+
+Some special platforms are provided by the TS project itself. These are represented beneath
+the ts provider. Current TS platforms are:
+
+.. list-table::
+ :header-rows: 1
+ :widths: 10, 90
+
+ * - TS Platform
+ - Purpose
+ * - ``ts/vanilla``
+ - | A platform that never provides any drivers. The ``ts/vanilla`` platform should be used when an environment provides its own
+ | device framework and no additional drivers need to be provided by the platform. An attempt to build a deployment with
+ | platform dependencies on the vanilla platform will result in a build-time error. The vanilla platform is selected by
+ | default at build-time if no explicit platform has been specified.
+ * - ``ts/mock``
+ - | A platform that provides a complete set of drivers that may be selected when building any deployment. The platform uses
+ | mock drivers that don't offer functionality suitable for production builds. The mock platform is useful for CI build
+ | testing of deployments with platform dependencies. You should always expect a deployment with platform dependencies to
+ | build when ``TS_PLATFORM=ts/mock``.
+
+Diver Models
+^^^^^^^^^^^^
+Alternative driver models are represented by subdirectories beneath ``platform/driver_model``.
+Driver code imported from an external project, such as edk2-platforms, will also depend on
+interface and other header files related to the driver model. For drivers reused from
+edk2-platforms, the driver interface header files will define interface structures defined
+by the UEFI specification. The following example illustrates two driver models, one for
+UEFI drivers from the EDK2 project and another for bare-metal drivers that conform to TS
+defined interfaces::
+
+ platform
+ |- driver_model
+ |- edk2
+ |- baremetal
+
+Header files under the driver_model/edk2 directory will either explicitly provide definitions for
+the EDK2 driver model or include definitions from an external component. To maintain compatibility
+with driver code imported from edk2-platforms, sub-directories beneath platform/driver_model/edk2
+should conform to the EDK2 directory structure and naming conventions. The following illustrates
+how UEFI driver model files are organized::
+
+ platform
+ |- driver_model
+ |- edk2
+ |- interface
+ |- Protocol
+ | |- BlockIo.h
+ | |- DiskIo.h
+ | |- FirmwareVolumeBlock.h
+ |
+ |- Library
+ | |- IoLib.h
+ | |- DebugLib.h
+
+Drivers
+^^^^^^^
+The platforms/drivers directory provides a home for CMake files that enable driver code to be built
+as part of the the deployment build process. Source files will either have been fetched from an
+upstream repo or will live under the ``platform/drivers`` parent.
+
+--------------
+
+*Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/developer/software-requirements.rst b/docs/developer/software-requirements.rst
index 700c32d..1449724 100644
--- a/docs/developer/software-requirements.rst
+++ b/docs/developer/software-requirements.rst
@@ -23,16 +23,17 @@
(Note: the compiler part of the OP-TEE build environment works too.)
* For `linux-pc` environment use the native version of GCC available in your Linux distribution.
-To build the documentation, please refer to :ref:`Documentation Build Instructions`.
+ * The `AEM FVP`_ binaries if targeting the FVP platform.
-.. todo:: Add info on commit validation dependencies (checkpatch, uncrustify, etc...)
+To build the documentation, please refer to :ref:`Documentation Build Instructions`.
--------------
.. _OP-TEE documentation: https://optee.readthedocs.io/en/latest/building/gits/build.html#step-4-get-the-toolchains
.. _arm Developer: https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-a/downloads
.. _CMake download page: https://cmake.org/files/v3.18/
+.. _`AEM FVP`: https://developer.arm.com/-/media/Files/downloads/ecosystem-models/FVP_Base_RevC-2xAEMvA_11.18_16_Linux64.tgz
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/developer/uml/ServiceDeploymentDependencies.puml b/docs/developer/uml/ServiceDeploymentDependencies.puml
new file mode 100644
index 0000000..515a7c5
--- /dev/null
+++ b/docs/developer/uml/ServiceDeploymentDependencies.puml
@@ -0,0 +1,25 @@
+'-------------------------------------------------------------------------------
+' Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.
+'
+' SPDX-License-Identifier: BSD-3-Clause
+'
+'-------------------------------------------------------------------------------
+
+@startuml
+
+package Deployment
+package Application
+package Infrastructure
+package Environment
+package Platform
+package BuildConfig
+package Adapter
+
+Deployment -down.> Application
+Deployment -down.> Infrastructure
+Deployment -down.> Environment
+Deployment -down.> "0..1" Platform
+Deployment -down.> "0..1" BuildConfig
+Infrastructure -down.> "0..*" Adapter
+
+@enduml
\ No newline at end of file
diff --git a/docs/developer/writing-documentation.rst b/docs/developer/writing-documentation.rst
index eb10449..243dcec 100644
--- a/docs/developer/writing-documentation.rst
+++ b/docs/developer/writing-documentation.rst
@@ -40,14 +40,15 @@
CMake
'''''
-.. todo:: Add content about how to document cmake scripts.
-
+The project uses the ""`moderncmakedomain`_" Sphinx extension. This allows adding inline documentation to cmake files.
+For details please refer to the documentation of the plugin.
--------------
.. _`Restructured Text`: https://docutils.sourceforge.io/rst.html
.. _`Sphinx`: https://www.sphinx-doc.org
+.. _`moderncmakedomain`: https://github.com/scikit-build/moderncmakedomain
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/environments/deployment-guides/fvp-deployment-guide.rst b/docs/environments/deployment-guides/fvp-deployment-guide.rst
deleted file mode 100644
index eeb9078..0000000
--- a/docs/environments/deployment-guides/fvp-deployment-guide.rst
+++ /dev/null
@@ -1,86 +0,0 @@
-Deploying Programs on FVP
-=========================
-This page explains how to load and run user space programs on a Linux image running in FVP simulation.
-The loaded programs may use any trusted services that are available as part of the image firmware.
-
-To prepare and run an image that includes trusted services running in S-EL0 secure partitions under
-OP-TEE. see:
-:ref:`Deploying trusted services in S-EL0 Secure Partitions under OP-TEE`
-
-Shared directory
-----------------
-The OP-TEE image built for the FVP virtual platform supports directory sharing between the running
-OS and the host computer. This provides a convenient way to transfer files between the host and
-the device simulation. When the FVP is run using the *run-only* target in *fvp.mk*, the shared
-directory is set-up automatically.
-
-On the host, the shared directory is located here::
-
- optee/shared
-
-On the simulated device, running under FVP, a mount is created here::
-
- /mnt
-
-Deploying service level tests
------------------------------
-As an example of how to load and run programs, the *ts-service-test* binary executable is used.
-The build file for the *arm-linux* deployment of *ts-service-test* lives under::
-
- trusted-services/deployments/ts-service-test/arm-linux
-
-The executable includes service level test cases that exercise trusted services via their
-standard interfaces. Test cases use *libts* for locating services and establishing RPC
-sessions. *ts-service-test* provides a useful reference for understanding how *libts* may
-be used for accessing trusted services.
-
-The build file for the *arm-linux* deployment of *libts* lives under::
-
- trusted-services/deployments/libts/arm-linux
-
-Trusted service build instructions are here:
-:ref:`Build Instructions`
-
-Having built *ts-service-test* and *libts* for the *arm-linux* environment, the steps
-are required.
-
-Copy files to share directory
-'''''''''''''''''''''''''''''
-Assuming that the *OP-TEE* and *trusted-services* projects are located under a common
-parent directory, the following files need to be copied from the host using::
-
- cp trusted-services/deployments/libts/arm-linux/build/install/lib/libts.so optee/shared/.
- cp trusted-services/deployments/ts-service-test/arm-linux/build/install/bin/ts-service-test optee/shared/.
-
-Installing libts.so
-'''''''''''''''''''
-Having copied *libts.so* to the shared directory, it needs to be copied to one of the standard
-lib directories so that it is located when a dependent program is started. From the terminal
-command prompt for the booted FVP, use::
-
- cd /mnt
- cp libts.so /usr/lib/.
-
-Running the program executable
-''''''''''''''''''''''''''''''
-The *ts-service-test* program may be run directly from the */mnt* directory using::
-
- ./ts-service-test -v
-
-If all is well, you should see something like::
-
- TEST(E2EcryptoOpTests, generateRandomNumbers) - 3 ms
- TEST(E2EcryptoOpTests, asymEncryptDecrypt) - 8 ms
- TEST(E2EcryptoOpTests, signAndVerifyHash) - 29 ms
- TEST(E2EcryptoOpTests, exportAndImportKeyPair) - 17 ms
- TEST(E2EcryptoOpTests, exportPublicKey) - 10 ms
- TEST(E2EcryptoOpTests, generatePersistentKeys) - 34 ms
- TEST(E2EcryptoOpTests, generateVolatileKeys) - 16 ms
-
- OK (7 tests, 7 ran, 56 checks, 0 ignored, 0 filtered out, 117 ms)
-
---------------
-
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
-
-SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/environments/deployment-guides/opteesp-deployment-guide.rst b/docs/environments/deployment-guides/opteesp-deployment-guide.rst
deleted file mode 100644
index e71140f..0000000
--- a/docs/environments/deployment-guides/opteesp-deployment-guide.rst
+++ /dev/null
@@ -1,97 +0,0 @@
-Deploying trusted services in S-EL0 Secure Partitions under OP-TEE
-==================================================================
-
-Trusted services built for the *opteesp* environment may be deployed to run within S-EL0 secure
-partitions, managed by OP-TEE. Secure partitions are loaded and run by OP-TEE using the early-TA
-feature where a set of TAs or SPs are loaded during OP-TEE initialization. This feature relies on
-SP images being incorporated into the *OP-TEE OS* image at build time. It is therefore necessary to
-have access to the OP-TEE build environment and tools in order to deploy SP images.
-
-Tool prerequisites and general build instruction for OP-TEE are described here:
-`<https://optee.readthedocs.io/en/latest/building/gits/build.html>`_
-
-Download page for Arm Fixed Virtual Platforms (FVP):
-`<https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms>`_
-
-Incorporating SP images into the *OP-TEE OS* image
---------------------------------------------------
-
-The set of SP images to include in the built *OP-TEE OS* image are specified to the *OP-TEE OS*
-build by the EARLY_TA_PATHS make variable. The EARLY_TA_PATHS variable should be assigned a string
-containing a space separated list of file paths for each SP image file to include. SP images
-that need to be deployed from the Trusted Services project will be located in the install directory,
-specified when the SP images where built i.e.::
-
- <CMAKE_INSTALL_PREFIX>/bin
-
-The following example illustrates a setting of the EARLY_TA_PATHS variable to deploy the Secure Storage
-SP and Crypto SP::
-
- EARLY_TA_PATHS="ts-install-dir/bin/dc1eef48-b17a-4ccf-ac8b-dfcff7711b14.stripped.elf \
- ts-install-dir/bin/d9df52d5-16a2-4bb2-9aa4-d26d3b84e8c0.stripped.elf"
-
-To help with integration with the OP-TEE build system, the installation step for a deployment to the
-*opteesp* environment includes the generation of a simple makefile that extends the EARLY_TA_PATHS
-variable for the particular deployment. For example, the generated makefile for the crypto SP
-contains::
-
- OPTEE_OS_COMMON_EXTRA_FLAGS+=EARLY_TA_PATHS+=${TS_INSTALL_PREFIX}/bin/d9df52d5-16a2-4bb2-9aa4-d26d3b84e8c0.stripped.elf
-
-The generated makefile is installed to::
-
- <CMAKE_INSTALL_PREFIX>/lib/make
-
-Reference OP-TEE build with PSA RoT Services
---------------------------------------------
-To provide an example integration of OP-TEE with a set of trusted services, a makefile called *fvp_ffa.mk*
-is included in the OP-TEE build repository that builds OP-TEE OS with a set of SP images that provide PSA
-RoT services. SP images are built using the standard trusted services build flow and are automatically
-injected into the *optee_os* build using the early TA feature described above.
-
-A bootable Linux image is created that is intended to run on the Arm FVP virtual platform. The built image
-includes user space programs that may be used to test and demonstrate the deployed trusted services.
-
-Setting up the OP-TEE build environment
-'''''''''''''''''''''''''''''''''''''''
-To help setup the OP-TEE build environment, a manifest file called *psa-sp-fvp.xml* is included in OP-TEE
-manifests repository. This may be used with the *repo* tool to manage the set of git repositories. Note
-that this manifest relies on SSH access to *github.com* so ensure that you have installed a suitable public
-key into your *github* account.
-
-Having created a new directory for the OP-TEE build environment, the required set of git repositories can
-be cloned and fetched using::
-
- repo init -u https://git.trustedfirmware.org/OP-TEE/manifest.git -b psa-development -m psa-sp-fvp.xml
- repo sync
-
-Building the reference OP-TEE image
-'''''''''''''''''''''''''''''''''''
-To build the bootable image that includes OP-TEE and the set of secure partition images that hold the
-PSA RoT services, use the following (from your OP-TEE root directory)::
-
- cd build
- make -f fvp_ffa.mk all
-
-This will take many tens of minutes to complete.
-
-Running the reference OP-TEE image on FVP
-'''''''''''''''''''''''''''''''''''''''''
-The fvp makefile includes a *run* and *run-only* target which can be used to start the FVP model and
-boot the built image. The example assumes that the FVP model has been installed in the following
-directory relative to the OP-TEE build directory::
-
- ../Foundation_Platformpkg/models/Linux64_GCC-6.4/
-
-To boot the built image on FVP without building, use::
-
- make run-only FVP_PATH=../Foundation_Platformpkg/models/Linux64_GCC-6.4/
-
-For information on running user space programs on FVP, see:
-
-:ref:`Deploying Programs on FVP`
-
---------------
-
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
-
-SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/environments/index.rst b/docs/environments/index.rst
index a244827..599e88e 100644
--- a/docs/environments/index.rst
+++ b/docs/environments/index.rst
@@ -1,16 +1,20 @@
-Processing Environments
-=======================
+Environments
+============
+
+Depending on Arm architecture and SoC capabilities, there may be different options for
+implementing hardware-backed isolation for protecting security sensitive workloads and
+their assets. The Trusted Services project decouples service related components from
+any particular environment, enabling services to be deployed in different environments.
+This section provides information about supported secure processing environments.
.. toctree::
:maxdepth: 1
- :caption: Contents:
+ :caption: Supported Environments:
- ffa/libsp
- deployment-guides/fvp-deployment-guide.rst
- deployment-guides/opteesp-deployment-guide.rst
+ secure-partitions/index
--------------
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/environments/secure-partitions/ff-a/index.rst b/docs/environments/secure-partitions/ff-a/index.rst
new file mode 100644
index 0000000..e474433
--- /dev/null
+++ b/docs/environments/secure-partitions/ff-a/index.rst
@@ -0,0 +1,18 @@
+Firmware Framework for Armv8-A
+==============================
+The |FF-A| specification defines a software architecture that isolates Secure world firmware images from each other. The
+specification defines interfaces that standardize communication between various images. This includes communication
+between images in the Secure world and Normal world.
+
+The Trusted Services project includes service providers that may be deployed within FF-A S-EL0 secure partitions. This
+includes service providers that form the security foundations needed for meeting PSA Certified requirements. Other secure
+partitions are available such as the SMM Gateway to provide Secure world backing for UEFI services.
+
+The component :ref:`libsp` captures helpful abstractions to allow easy FF-A compliant S-EL0 SP development. S-EL0 SPs
+are SPMC agonistic and can be used with an SPMC running in any higher secure exception level (S-EL1 - S-EL3).
+
+--------------
+
+*Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/environments/secure-partitions/index.rst b/docs/environments/secure-partitions/index.rst
new file mode 100644
index 0000000..5680a92
--- /dev/null
+++ b/docs/environments/secure-partitions/index.rst
@@ -0,0 +1,40 @@
+Secure Partitions
+=================
+
+:term:`Secure Partitions<Secure Partition>` are defined by the :term:`FF-A` standard
+
+Secure partitions are isolated processing environments managed by a Secure Partition Manager (SPM).
+An SPM performs the role of hypervisor for the Arm Secure State and is responsible for managing
+SP initialization, memory management and messaging. The Arm Firmware Framework for A-Profile (FF-A)
+specification (`FF-A Specification`_) defines the set of firmware features that enable the use of
+secure partitions for protecting sensitive workloads.
+
+The Armv8.4 architecture introduces the virtualization extension in the Secure state. For silicon
+based on Armv8.4 (or above) that implement the Secure-EL2 extension, the `Hafnium Project`_
+provides a reference SPMC implementation. For pre-Arm8.4 silicon, the `OP-TEE Project`_ provides
+an alternative reference SPMC implementation.
+
+Within the Trusted Services, the environments realized by the two reference SPM implementations
+are named as follows:
+
+ * *hfsp* - for service deployment under Hafnium
+ * *opteesp* - for service deployment under OP-TEE
+
+.. toctree::
+ :maxdepth: 1
+ :caption: Contents:
+
+ ff-a/index
+ spm/optee/index
+ spm/hafnium/index
+ libsp
+
+--------------
+
+.. _`FF-A Specification`: https://developer.arm.com/documentation/den0077/latest
+.. _`Hafnium Project`: https://www.trustedfirmware.org/projects/hafnium/
+.. _`OP-TEE Project`: https://www.trustedfirmware.org/projects/op-tee/
+
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/environments/ffa/libsp.rst b/docs/environments/secure-partitions/libsp.rst
similarity index 100%
rename from docs/environments/ffa/libsp.rst
rename to docs/environments/secure-partitions/libsp.rst
diff --git a/docs/environments/secure-partitions/spm/hafnium/index.rst b/docs/environments/secure-partitions/spm/hafnium/index.rst
new file mode 100644
index 0000000..e6559c7
--- /dev/null
+++ b/docs/environments/secure-partitions/spm/hafnium/index.rst
@@ -0,0 +1,19 @@
+S-EL1 Secure Partitions under Hafnium
+=====================================
+
+.. toctree::
+ :maxdepth: 1
+ :caption: Contents:
+
+*Note: The Arm Total Compute solution is the current reference for running SPs for meeting
+PSA Certified requirements under Hafnium. The 'hfsp_shim' environment is used for deploying
+service providers under Hafnium. Files related to this environment are still in-flux and
+have not yet been up-streamed to TS.* See `Total Compute`_
+
+--------------
+
+.. _`Total Compute`: https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/total-compute-solution
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/environments/secure-partitions/spm/optee/index.rst b/docs/environments/secure-partitions/spm/optee/index.rst
new file mode 100644
index 0000000..2149880
--- /dev/null
+++ b/docs/environments/secure-partitions/spm/optee/index.rst
@@ -0,0 +1,15 @@
+S-EL0 Secure Partitions under OP-TEE
+====================================
+
+.. toctree::
+ :maxdepth: 1
+ :caption: Contents:
+
+ userspace-programs-on-fvp
+ opteesp-deployment-guide
+
+--------------
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/environments/secure-partitions/spm/optee/opteesp-deployment-guide.rst b/docs/environments/secure-partitions/spm/optee/opteesp-deployment-guide.rst
new file mode 100644
index 0000000..233a189
--- /dev/null
+++ b/docs/environments/secure-partitions/spm/optee/opteesp-deployment-guide.rst
@@ -0,0 +1,91 @@
+Deploying trusted services in S-EL0 Secure Partitions under OP-TEE
+==================================================================
+
+Trusted services built for the *opteesp* environment may be deployed to run within S-EL0 secure
+partitions, managed by OP-TEE. The current implementation of the OP-TEE SPMC supports booting SPs
+embedded into the OP-TEE OS binary (similar to early-TAs) or from the FIP.
+
+Tool prerequisites and general build instruction for OP-TEE are described here:
+`<https://optee.readthedocs.io/en/latest/building/gits/build.html>`_
+
+Download page for Arm Fixed Virtual Platforms (FVP):
+`<https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms>`_
+
+
+Embedding SP images into the *OP-TEE OS* image
+----------------------------------------------
+
+The set of SP images to include in the built *OP-TEE OS* image are specified to the *OP-TEE OS*
+build by the ``SP_PATHS`` make variable. The ``SP_PATHS`` variable should be assigned a string
+containing a space separated list of file paths for each SP image file to include. SP images
+that need to be deployed from the Trusted Services project will be located in the install directory,
+specified when the SP images where built i.e.::
+
+ <CMAKE_INSTALL_PREFIX>/opteesp/bin
+
+The following example illustrates a setting of the ``SP_PATHS`` variable to deploy the Secure Storage
+SP and Crypto SP::
+
+ SP_PATHS="ts-install-dir/opteesp/bin/dc1eef48-b17a-4ccf-ac8b-dfcff7711b14.stripped.elf \
+ ts-install-dir/opteesp/bin/d9df52d5-16a2-4bb2-9aa4-d26d3b84e8c0.stripped.elf"
+
+
+Reference OP-TEE build with PSA RoT Services
+--------------------------------------------
+
+To provide an example integration of OP-TEE with a set of trusted services, a makefile called
+*fvp-ps-sp.mk* is included in the OP-TEE build repository that builds OP-TEE OS with a set of SP
+images. SP images are built using the standard trusted services build flow and are automatically
+injected into the *optee_os* build using the TA feature described above.
+
+A bootable Linux image is created that is intended to run on the Arm AEM FVP virtual platform. The
+built image includes user space programs that may be used to test and demonstrate the deployed
+trusted services.
+
+
+Getting build dependencies
+''''''''''''''''''''''''''
+
+To help setup the workspace, a manifest file called *fvp-ts.xml* is included in OP-TEE manifests
+repository. This may be used with the *repo* tool to manage the set of git repositories.
+
+Having created a new directory for the workspace, the required set of git repositories can be cloned
+and fetched using::
+
+ repo init -u https://github.com/OP-TEE/manifest.git -b master -m fvp-ts.xml
+ repo sync
+
+
+Building the reference OP-TEE image
+'''''''''''''''''''''''''''''''''''
+
+To build the bootable image that includes OP-TEE and the set of secure partition images that hold the
+PSA RoT services, use the following (from the root directory of the workspace)::
+
+ make -C build
+
+This will take many tens of minutes to complete.
+
+
+Running the reference OP-TEE image on FVP
+'''''''''''''''''''''''''''''''''''''''''
+
+The fvp makefile includes a *run* and *run-only* target which can be used to start the FVP model and
+boot the built image. The example assumes that the FVP model has been installed in the following
+directory relative to the OP-TEE build directory::
+
+ ../Base_RevC_AEMvA_pkg/models/Linux64_GCC-9.3
+
+To boot the built image on FVP without building, use::
+
+ FVP_PATH=../Base_RevC_AEMvA_pkg/models/Linux64_GCC-9.3 make run-only
+
+For information on running user space programs on FVP, see:
+
+:ref:`Running User-space Programs on FVP`
+
+--------------
+
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/environments/secure-partitions/spm/optee/userspace-programs-on-fvp.rst b/docs/environments/secure-partitions/spm/optee/userspace-programs-on-fvp.rst
new file mode 100644
index 0000000..e364839
--- /dev/null
+++ b/docs/environments/secure-partitions/spm/optee/userspace-programs-on-fvp.rst
@@ -0,0 +1,150 @@
+Running user-space programs on FVP
+==================================
+
+This page explains how to load and run user space programs on a Linux image running in FVP simulation.
+The loaded programs may use any trusted services that are available as part of the image firmware.
+
+To prepare and run an image that includes trusted services running in S-EL0 secure partitions under
+OP-TEE see: :ref:`Deploying trusted services in S-EL0 Secure Partitions under OP-TEE`
+
+The example assumes that the FVP model has been installed in the following
+directory relative to the OP-TEE build directory::
+
+ ../Base_RevC_AEMvA_pkg/models/Linux64_GCC-9.3
+
+
+Shared directory
+----------------
+
+The AEM FVP supports directory sharing between the target and the host OS. This provides a
+convenient way to transfer files between the host and the device simulation. When the FVP is run
+using the *run-only* target from the *op-tee/build* repository, the shared directory is set-up
+automatically. The whole "workspace" is shared to the FVP and mounted under ``/mnt/host``.
+
+
+Running service level tests
+---------------------------
+
+Most test and demo applications are integrated into the OP-TEE build flow, and can be build using
+the makefiles in the ``op-tee/build`` repository.
+
+To build all such binaries build the ``ffa-test-all`` target. For available targets please refer to
+fvp-psa-sp.mk_. As an example to build the ``ts-service-test`` application execute the following
+commands from the root of the workspace::
+
+ make -C build ffa-ts-service-test
+
+The executable includes service level test cases that exercise trusted services via their
+standard interfaces. Test cases use *libts* for locating services and establishing RPC
+sessions. *ts-service-test* provides a useful reference for understanding how *libts* may
+be used for accessing trusted services.
+
+Build output will be copied to ``out/ts-install``.
+
+To build the applications without using the ``op-tee/build`` files refer to the instructions here:
+:ref:`Build Instructions`
+
+Run *ts-service-test*
+'''''''''''''''''''''
+
+To start the FVP, from the root directory of the workspace, enter::
+
+ FVP_PATH=../Base_RevC_AEMvA_pkg/models/Linux64_GCC-9.3 make -C build run-only
+
+Once it boots to the login prompt, log in as root and from the FVP terminal, enter::
+
+ # Enter the mount target for the shared directory
+ cd /mnt/host
+
+ # Install the shared library and executables
+ cp -vat /usr out/ts-install/arm-linux/lib out/ts-install/arm-linux/bin
+
+ # Load the kernel modules
+ out/linux-arm-ffa-tee/load_module.sh
+ out/linux-arm-ffa-user/load_module.sh
+
+ # Run the test application
+ ts-service-test -v
+
+Use the same flow for other user-space programs. Check the output of the ``cp`` command executed to see
+executables copied under ``/usr/bin``.
+
+If all is well, you should see something like::
+
+ TEST(PsServiceTests, createAndSetExtended) - 0 ms
+ TEST(PsServiceTests, createAndSet) - 0 ms
+ TEST(PsServiceTests, storeNewItem) - 0 ms
+ TEST(ItsServiceTests, storeNewItem) - 0 ms
+ TEST(AttestationProvisioningTests, provisionedIak) - 1 ms
+ TEST(AttestationProvisioningTests, selfGeneratedIak) - 1 ms
+ TEST(AttestationServiceTests, repeatedOperation) - 75 ms
+ TEST(AttestationServiceTests, invalidChallengeLen) - 0 ms
+ TEST(AttestationServiceTests, checkTokenSize) - 2 ms
+ TEST(CryptoKeyDerivationServicePackedcTests, deriveAbort) - 0 ms
+ TEST(CryptoKeyDerivationServicePackedcTests, hkdfDeriveBytes) - 0 ms
+ TEST(CryptoKeyDerivationServicePackedcTests, hkdfDeriveKey) - 0 ms
+ TEST(CryptoMacServicePackedcTests, macAbort) - 0 ms
+ TEST(CryptoMacServicePackedcTests, signAndVerify) - 1 ms
+ TEST(CryptoCipherServicePackedcTests, cipherAbort) - 0 ms
+ TEST(CryptoCipherServicePackedcTests, encryptDecryptRoundtrip) - 0 ms
+ TEST(CryptoHashServicePackedcTests, hashAbort) - 0 ms
+ TEST(CryptoHashServicePackedcTests, hashAndVerify) - 0 ms
+ TEST(CryptoHashServicePackedcTests, calculateHash) - 0 ms
+ TEST(CryptoServicePackedcTests, generateRandomNumbers) - 0 ms
+ TEST(CryptoServicePackedcTests, asymEncryptDecryptWithSalt) - 14 ms
+ TEST(CryptoServicePackedcTests, asymEncryptDecrypt) - 1 ms
+ TEST(CryptoServicePackedcTests, signAndVerifyEat) - 4 ms
+ TEST(CryptoServicePackedcTests, signAndVerifyMessage) - 4 ms
+ TEST(CryptoServicePackedcTests, signAndVerifyHash) - 4 ms
+ TEST(CryptoServicePackedcTests, exportAndImportKeyPair) - 1 ms
+ TEST(CryptoServicePackedcTests, exportPublicKey) - 1 ms
+ TEST(CryptoServicePackedcTests, purgeKey) - 0 ms
+ TEST(CryptoServicePackedcTests, copyKey) - 1 ms
+ TEST(CryptoServicePackedcTests, generatePersistentKeys) - 1 ms
+ TEST(CryptoServicePackedcTests, generateVolatileKeys) - 0 ms
+ TEST(CryptoServiceProtobufTests, generateRandomNumbers) - 1 ms
+ TEST(CryptoServiceProtobufTests, asymEncryptDecryptWithSalt) - 15 ms
+ TEST(CryptoServiceProtobufTests, asymEncryptDecrypt) - 1 ms
+ TEST(CryptoServiceProtobufTests, signAndVerifyMessage) - 4 ms
+ TEST(CryptoServiceProtobufTests, signAndVerifyHash) - 4 ms
+ TEST(CryptoServiceProtobufTests, exportAndImportKeyPair) - 1 ms
+ TEST(CryptoServiceProtobufTests, exportPublicKey) - 0 ms
+ TEST(CryptoServiceProtobufTests, generatePersistentKeys) - 1 ms
+ TEST(CryptoServiceProtobufTests, generateVolatileKeys) - 1 ms
+ TEST(CryptoServiceLimitTests, volatileRsaKeyPairLimit) - 99 ms
+ TEST(CryptoServiceLimitTests, volatileEccKeyPairLimit) - 22 ms
+ TEST(DiscoveryServiceTests, checkServiceInfo) - 0 ms
+ TEST(SmmVariableAttackTests, getCheckPropertyWithMaxSizeName) - 0 ms
+ TEST(SmmVariableAttackTests, getCheckPropertyWithOversizeName) - 0 ms
+ TEST(SmmVariableAttackTests, setCheckPropertyWithMaxSizeName) - 0 ms
+ TEST(SmmVariableAttackTests, setCheckPropertyWithOversizeName) - 0 ms
+ TEST(SmmVariableAttackTests, enumerateWithSizeMaxNameSize) - 0 ms
+ TEST(SmmVariableAttackTests, enumerateWithOversizeName) - 0 ms
+ TEST(SmmVariableAttackTests, setAndGetWithSizeMaxNameSize) - 0 ms
+ TEST(SmmVariableAttackTests, setAndGetWithOversizeName) - 0 ms
+ TEST(SmmVariableAttackTests, setWithSizeMaxNameSize) - 0 ms
+ TEST(SmmVariableAttackTests, setWithOversizeName) - 0 ms
+ TEST(SmmVariableAttackTests, setWithSizeMaxDataSize) - 0 ms
+ TEST(SmmVariableAttackTests, setWithOversizeData) - 0 ms
+ TEST(SmmVariableServiceTests, checkMaxVariablePayload) - 0 ms
+ TEST(SmmVariableServiceTests, setSizeConstraint) - 0 ms
+ TEST(SmmVariableServiceTests, enumerateStoreContents) - 0 ms
+ TEST(SmmVariableServiceTests, getVarSizeNv) - 0 ms
+ TEST(SmmVariableServiceTests, getVarSize) - 0 ms
+ TEST(SmmVariableServiceTests, setAndGetNv) - 1 ms
+ TEST(SmmVariableServiceTests, setAndGet) - 0 ms
+ TEST(TestRunnerServiceTests, runSpecificTest) - 0 ms
+ TEST(TestRunnerServiceTests, runConfigTests) - 0 ms
+ TEST(TestRunnerServiceTests, listPlatformTests) - 0 ms
+ TEST(TestRunnerServiceTests, runAllTests) - 0 ms
+ TEST(TestRunnerServiceTests, listAllTests) - 0 ms
+
+ OK (67 tests, 67 ran, 977 checks, 0 ignored, 0 filtered out, 261 ms)
+
+--------------
+
+.. _fvp-psa-sp.mk :https://github.com/OP-TEE/build/blob/master/fvp-psa-sp.mk
+
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/global_substitutions.txt b/docs/global_substitutions.txt
index 3e74ba7..8011fc6 100644
--- a/docs/global_substitutions.txt
+++ b/docs/global_substitutions.txt
@@ -11,6 +11,7 @@
.. |SEMVER| replace:: `Semantic Versioning`_
.. |PSA| replace:: :term:`PSA`
.. |FF-A| replace:: :term:`FF-A`
+.. |TRUSTZONE| replace:: :term:`TrustZone`
.. _`TS Mailing List`: https://lists.trustedfirmware.org/mailman3/lists/trusted-services.lists.trustedfirmware.org/
.. _`TS repository`: https://review.trustedfirmware.org/admin/repos/TS/trusted-services
diff --git a/docs/index.rst b/docs/index.rst
index cb44e2c..1135ba7 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -1,51 +1,66 @@
Trusted Services Documentation
==============================
The Trusted Services project provides a framework for developing and deploying device
-root-of-trust services across a range of secure processing environments such as those
-provided by OP-TEE and Hafnium.
+root-of-trust services for A-profile devices. Alternative secure processing environments
+are supported to accommodate the diverse range of isolation technologies available to
+system integrators.
.. raw:: html
<ul class="grid">
<li class="grid-item">
<a href="overview/index.html">
- <img alt="" src="_static/images/tfm.png"/>
- <h2>About trusted services</h2>
+ <img alt="" src="_static/images/tfm-introduction.png"/>
+ <h2>Introduction</h2>
</a>
<p></p>
</li>
<li class="grid-item">
<a href="project/index.html">
- <img alt="" src="_static/images/tfm.png"/>
- <h2>About the project</h2>
+ <img alt="" src="_static/images/tfm-contribution.png"/>
+ <h2>About the Project</h2>
</a>
<p></p>
</li>
<li class="grid-item">
- <a href="developer/index.html">
- <img alt="" src="_static/images/tfm.png"/>
- <h2>Developer Docs</h2>
+ <a href="quickstart/index.html">
+ <img alt="" src="_static/images/tfm-documentation.png"/>
+ <h2>Quick Start Guides</h2>
+ </a>
+ <p></p>
+ </li>
+ <li class="grid-item">
+ <a href="services/index.html">
+ <img alt="" src="_static/images/tfm-integration.png"/>
+ <h2>Services</h2>
</a>
<p></p>
</li>
<li class="grid-item">
<a href="environments/index.html">
<img alt="" src="_static/images/tfm.png"/>
- <h2>Processing Environments</h2>
+ <h2>Secure Processing Environments</h2>
</a>
<p></p>
</li>
<li class="grid-item">
- <a href="security/index.html">
- <img alt="" src="_static/images/tfm.png"/>
- <h2>Security Model</h2>
+ <a href="deployments/index.html">
+ <img alt="" src="_static/images/tfm-release.png"/>
+ <h2>Deployments</h2>
</a>
<p></p>
</li>
<li class="grid-item">
- <a href="standards/index.html">
+ <a href="developer/index.html">
+ <img alt="" src="_static/images/tfm-reference.png"/>
+ <h2>Developer Documents</h2>
+ </a>
+ <p></p>
+ </li>
+ <li class="grid-item">
+ <a href="certification/index.html">
<img alt="" src="_static/images/tfm.png"/>
- <h2>Standards Compliance</h2>
+ <h2>Platform Certification</h2>
</a>
<p></p>
</li>
@@ -58,13 +73,17 @@
overview/index
project/index
+ quickstart/index
developer/index
+ services/index
environments/index
security/index
- standards/index
+ deployments/index
+ certification/index
+ target-platforms/index
--------------
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/overview/example-usage.rst b/docs/overview/example-usage.rst
new file mode 100644
index 0000000..68422ba
--- /dev/null
+++ b/docs/overview/example-usage.rst
@@ -0,0 +1,45 @@
+Solving Common Security Problems
+================================
+
+The following are examples of how trusted services can solve common device security problems.
+
+
+Protecting IoT device identity
+------------------------------
+
+During the provisioning process, an IoT device is assigned a secure identity that consists of a public/private
+key pair and a CA signed certificate that includes the public key. The device is also provisioned with the
+public key corresponding to the cloud service that it will operate with. The provisioned material is used
+whenever a device connects to the cloud during the authentication process. To prevent the possibility
+of device cloning or unauthorized transfer to a different cloud service, all provisioned material must be
+held in secure storage and access to the private key must be prevented. To achieve this, the certificate
+verification and nonce signing performed during the TLS handshake is performed by the Crypto trusted service
+that performs the operations without exposing the private key.
+
+
+Protecting Software Updates
+---------------------------
+
+To ensure that software updates applied to a device originate from a legitimate source, update packages are
+signed. A signed package will include a signature block that includes a hash of the package contents within
+the signed data. During the update process, a device will verify the signature using a provisioned public key
+that corresponds to the signing key used by the update originator. By holding the public key in secure storage
+and performing the signature verification using the Crypto service, unauthorized modification of the update
+source is prevented.
+
+
+Secure Logging
+--------------
+
+A managed IoT device will often be configured by an installation engineer who has physical access to the
+device. To allow a cloud operator to audit configuration changes, it is necessary to keep a log of
+configuration steps performed by the installation engineer. To avoid the possibility of fraudulent
+modification of the audit log, a device signs log data using a device unique key-pair. The public key
+corresponding to the signing private key may be retrieved by the cloud operator to allow the log to
+be verified. To protect the signing key, the Crypto service is used for signing log records.
+
+--------------------
+
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/overview/image/TsReferencePlatform.svg b/docs/overview/image/TsReferencePlatform.svg
new file mode 100644
index 0000000..1bc7a15
--- /dev/null
+++ b/docs/overview/image/TsReferencePlatform.svg
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Do not edit this file with editors other than diagrams.net -->
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="1071px" height="631px" viewBox="-0.5 -0.5 1071 631" content="<mxfile host="confluence.arm.com" modified="2022-04-29T15:26:49.665Z" agent="5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36" etag="qAat_TDOYu75N8qs_XeF" version="15.9.1" type="atlas"><mxAtlasLibraries/><diagram id="3S9PIcjPeEhHK4FUF1jD" name="Page-1">7Vxbd6JIEP41njP7wByaBsRH4yU7u8mMWbObzdMeAq0yQZtp2qj59dsoIHS3lzGgDMk8ZKC4f99HdVV1YQN2pstrYgeTW+wiv6Gp7rIBuw1NAy1NZf9FltXGYra0jWFMPDfeaWsYeq8oNsbHjeeei8LcjhRjn3pB3ujg2Qw5NGezCcGL/G4j7OevGtjj+Irq1jB0bB8Juz14Lp1srJaR2ft35I0nyZWBGm+Z2snOsSGc2C5eZEyw14AdgjHdLE2XHeRH4CW4bI7r79ia3hhBM3rMAdPXL8H8v+uH3uvjP8r0zn3ovr4o8VlebH8eP/C3gXLf6zHbt2F833SVgEHwfOai6HxqA14tJh5Fw8B2oq0LRj+zTejUZ2uALY483+9gH5P1sVBVDRWNmD2kBD+j3BbQvepER+AZzdhH63/MLj5pctuIULTMmOInv0Z4iihZsV3irYoesxDLECYELrakwlZsm2QITWx2rKNxeuot1GwhRvsnkNcE5IeDW2boYILqBLzGAW+KwANNAnyzLOChAHy/r7SZpX31pVDgbdXQNFcGvNkFfVUtF/jmZyMHvA5F4E1DxF0rC3ddFDxy5pHY1Vs88ygDQTN9dhdXT9HSOFr6dM+o+a1Or4PBOSKjKdJiyRyRWRYvxg5H1PXCwKbOBJE64a/x8KfvySGHpBslEWAKBAiAo5nbjoIZtub4dhh6zhpAm1DRnIGe4URW/0Y0sYeMVx+z27rLmMPN2ipZW3o0cxhbe8xs2R4UrSTH7CQnxHPioMMCZE8zRvSw40ZuErHtoDpDpCHhMbER5NvUe8nHeTJy4ysMsMeeLFUSsDgl6dwLunnu+KhsXMadSIP5E+l8yLEBRjjRWmvpY58uP+uw/N7yvrs2skaO8L7P8AyVE9oBiUeVhnbAKMultgRIO2QVUCwOcMNBjZ2rpopMNM8ZYydJpCTmEIhg8UeUCtaboWbVCBLzzzaliI1s1MOzmpMBTKNibEhy0tsoFLy2KVrYq5rzkYbYleHjnaSqCuCT1RTTSyWrQMxWawl9U6sc8mI+WkvkgVk90YuZaC2h18zqqb4pQC8AfrEiANBBpgygqJ9V1dxbC4hWBoh4DBtEGm+tDyTTPofqA6DaBQJd5cRzaoEA8nlryQUCcESF4GLahE3t6BLVhWSpf8iyFFmKVZbCZJnKy2SOueLyMj7kVYa8kqG+kl7PMlq/xIhsfmizFG2KhZp92oxr7a4dTtbxOsjLcacOKkKbwtVlDHgibfyJ+BaDslkTyzlJRS1KdnL0mT/mONmghOuuqCgPA1aw3G5Mq3DJPPoDJr6bnJPd4+a0m50EgbBkieaFIJ2hyWZuscn2vfEscm5MMJE3uYpSL8+x/Xa8Yeq5bnQZaVaYzxt3iu/kojaQlO2kE7pFJHOPxt3j0g17hjruqtevFLe+/yHpdIh6qdQ/EZlF3XEF5tGm3jStpiyPhkCHhl5y3Q7u8oMZ6NNOvqJLplLoxZiwlhUMRTOE/h5dxL6sEoYUesnswd+9PkNdHSLy4jkorJP0+T4eXZN4HeucXufdzBboFl++u7z2xaJ1oYiX30TBu3JZF4XUlRfSRSEHVSxHd3wPrSOldhDUyZtAkEdfNvUocyaljaOSevRguPYlg2J9ieMgYySd8oUmbEG3KIBVruAvaUOWze2W5jEk5YW6ils7oi3orOJOn0GCve89/Yr61kDV9P1zJYrzls80vnoGkqpvwdWzfelhtnq2d/yrSBkGcK+xcWr1DHAJu15e9UwuTVkdpirSbIKsNkuacHiTLBMZfMiyYFmKZaNCR6Lycwg+J5aVg6Q5cRHftsgxFVOIuCZRsxhLzImh7MMiCfZ8Mb047KvXNrAT6cNOr1pjsaLrWt5Z8YHc0XMi6ecm8Zks/mUs2+3JpvGLmBX5isnUji7/PmdFFMgRe/l5kcTVZKju3ag1psBU8xSwEVGgQD8rA2Lm27sB74gBaF2aATHK693Ad8SAIWm1LYuBJrn/Yt3ZD3f9rndj2sZAs39IfvLi0mFJpptxHSheot3s2OyvVa04KJ19SOIg69Q4CHA61fnAeEccxBQRfRmV7hZEO4R7bpk9fP6FMAxO05tTnhplSUVfvWrcTqkerotVq89b0TkNGnxfUfU0KNxyvF6qBsWR757MQ8pGmz0tArUZCCH/7a0kFkz5P8tAKM5ZJ7/9VFsOONlDSSxyXg7E+tT9umfjvTAgiwbPy8Cuie6/MKYKHilrH7XPQ20xAoerhrkeXAldvv2E/AEOvfX37xLabrgdKA6OYfkJU4qnRVUW8gEMkHCoWZL2G1BErfHr88C5MZ+/j8yr0erH6yQYB01JTB+3Pn3qe2S6YE/LlvvEnqIFJs+N6HcACfvbVgKCGQtI/Imp2rxxfExhyhp7ZAnYCWSx1e3vGW7Chu2vQsLe/w==</diagram></mxfile>" style="background-color: rgb(255, 255, 255);"><defs/><g><rect x="560" y="280" width="390" height="90" fill="#0050ef" stroke="#001dbc" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 388px; height: 1px; padding-top: 325px; margin-left: 561px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">OP-TEE OS</div></div></div></foreignObject><text x="755" y="329" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">OP-TEE OS</text></switch></g><rect x="580" y="290" width="120" height="70" fill="#0050ef" stroke="#001dbc" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 325px; margin-left: 581px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">SPM Core</div></div></div></foreignObject><text x="640" y="329" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">SPM Core</text></switch></g><rect x="607.5" y="360" width="65" height="20" fill="#a0522d" stroke="#6d1f00" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 63px; height: 1px; padding-top: 370px; margin-left: 609px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">FF-A ABI</div></div></div></foreignObject><text x="640" y="374" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">FF-A ABI</text></switch></g><rect x="60" y="500" width="890" height="60" fill="#0050ef" stroke="#001dbc" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 888px; height: 1px; padding-top: 530px; margin-left: 61px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Secure Monitor<br />(TF-A)</div></div></div></foreignObject><text x="505" y="534" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">Secure Monitor...</text></switch></g><rect x="580" y="507.5" width="120" height="45" fill="#0050ef" stroke="#001dbc" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 530px; margin-left: 581px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">SPM Dispatcher</div></div></div></foreignObject><text x="640" y="534" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">SPM Dispatcher</text></switch></g><path d="M 640 501.13 L 640 386.37" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 640 506.38 L 636.5 499.38 L 640 501.13 L 643.5 499.38 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 640 381.12 L 643.5 388.12 L 640 386.37 L 636.5 388.12 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><rect x="560" y="100" width="390" height="150" fill="#dae8fc" stroke="none" pointer-events="all"/><rect x="580" y="130" width="70" height="90" fill="#0050ef" stroke="#001dbc" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 175px; margin-left: 581px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Crypto<br />SP</div></div></div></foreignObject><text x="615" y="179" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">Crypto...</text></switch></g><rect x="670" y="130" width="70" height="90" fill="#0050ef" stroke="#001dbc" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 175px; margin-left: 671px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Secure<br />Storage<br />SP</div></div></div></foreignObject><text x="705" y="179" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">Secure...</text></switch></g><rect x="765" y="130" width="70" height="90" fill="#0050ef" stroke="#001dbc" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 175px; margin-left: 766px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Attestation<br />SP</div></div></div></foreignObject><text x="800" y="179" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">Attestation...</text></switch></g><rect x="860" y="130" width="70" height="90" fill="#0050ef" stroke="#001dbc" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 175px; margin-left: 861px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">SMM Gateway<br />SP</div></div></div></foreignObject><text x="895" y="179" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">SMM Gateway...</text></switch></g><rect x="582.5" y="220" width="65" height="20" fill="#a0522d" stroke="#6d1f00" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 63px; height: 1px; padding-top: 230px; margin-left: 584px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">FF-A ABI</div></div></div></foreignObject><text x="615" y="234" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">FF-A ABI</text></switch></g><rect x="672.5" y="220" width="65" height="20" fill="#a0522d" stroke="#6d1f00" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 63px; height: 1px; padding-top: 230px; margin-left: 674px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">FF-A ABI</div></div></div></foreignObject><text x="705" y="234" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">FF-A ABI</text></switch></g><rect x="767.5" y="220" width="65" height="20" fill="#a0522d" stroke="#6d1f00" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 63px; height: 1px; padding-top: 230px; margin-left: 769px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">FF-A ABI</div></div></div></foreignObject><text x="800" y="234" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">FF-A ABI</text></switch></g><rect x="862.5" y="220" width="65" height="20" fill="#a0522d" stroke="#6d1f00" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 63px; height: 1px; padding-top: 230px; margin-left: 864px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">FF-A ABI</div></div></div></foreignObject><text x="895" y="234" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">FF-A ABI</text></switch></g><path d="M 614.99 273.09 L 615 246.37" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 614.99 278.34 L 611.49 271.34 L 614.99 273.09 L 618.49 271.34 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 615 241.12 L 618.5 248.12 L 615 246.37 L 611.5 248.12 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 705.07 273.63 L 705.01 246.37" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 705.08 278.88 L 701.56 271.89 L 705.07 273.63 L 708.56 271.88 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 705 241.12 L 708.52 248.11 L 705.01 246.37 L 701.52 248.12 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 800.55 273.63 L 800.21 246.37" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 800.62 278.88 L 797.03 271.93 L 800.55 273.63 L 804.03 271.84 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 800.14 241.12 L 803.73 248.07 L 800.21 246.37 L 796.73 248.16 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 895.01 273.09 L 895 246.37" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 895.01 278.34 L 891.51 271.34 L 895.01 273.09 L 898.51 271.34 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 895 241.12 L 898.5 248.12 L 895 246.37 L 891.5 248.12 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 540 460 L 540 0" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" stroke-dasharray="3 3" pointer-events="stroke"/><rect x="670" y="30" width="120" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 40px; margin-left: 671px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><font style="font-size: 18px">Secure World</font></div></div></div></foreignObject><text x="730" y="44" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Secure World</text></switch></g><rect x="270" y="280" width="210" height="90" fill="#647687" stroke="#314354" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 208px; height: 1px; padding-top: 325px; margin-left: 271px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">OS Kernel</div></div></div></foreignObject><text x="375" y="329" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">OS Kernel</text></switch></g><rect x="342.5" y="370" width="65" height="20" fill="#a0522d" stroke="#6d1f00" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 63px; height: 1px; padding-top: 380px; margin-left: 344px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">FF-A ABI</div></div></div></foreignObject><text x="375" y="384" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">FF-A ABI</text></switch></g><rect x="60" y="350" width="180" height="20" fill="#647687" stroke="#314354" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 178px; height: 1px; padding-top: 360px; margin-left: 61px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">UEFI Services</div></div></div></foreignObject><text x="150" y="364" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">UEFI Services</text></switch></g><rect x="117.5" y="370" width="65" height="20" fill="#a0522d" stroke="#6d1f00" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 63px; height: 1px; padding-top: 380px; margin-left: 119px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">FF-A ABI</div></div></div></foreignObject><text x="150" y="384" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">FF-A ABI</text></switch></g><rect x="270" y="100" width="210" height="150" fill="#dae8fc" stroke="none" pointer-events="all"/><rect x="290" y="130" width="80" height="90" fill="#647687" stroke="#314354" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 175px; margin-left: 291px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Client App</div></div></div></foreignObject><text x="330" y="179" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">Client App</text></switch></g><rect x="295" y="190" width="70" height="20" fill="#cce5ff" stroke="#36393d" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 200px; margin-left: 296px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">PSA API</div></div></div></foreignObject><text x="330" y="204" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">PSA API</text></switch></g><rect x="380" y="130" width="80" height="90" fill="#647687" stroke="#314354" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 175px; margin-left: 381px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Client App</div></div></div></foreignObject><text x="420" y="179" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">Client App</text></switch></g><rect x="385" y="190" width="70" height="20" fill="#cce5ff" stroke="#36393d" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 200px; margin-left: 386px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Client lib</div></div></div></foreignObject><text x="420" y="204" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Client lib</text></switch></g><path d="M 330.8 272.64 L 330.1 226.37" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 330.88 277.89 L 327.28 270.95 L 330.8 272.64 L 334.28 270.84 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 330.02 221.12 L 333.62 228.06 L 330.1 226.37 L 326.62 228.17 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 420.88 273.63 L 420.11 226.37" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 420.97 278.88 L 417.36 271.94 L 420.88 273.63 L 424.36 271.83 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 420.02 221.12 L 423.63 228.06 L 420.11 226.37 L 416.63 228.17 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><rect x="60" y="280" width="180" height="60" fill="#dae8fc" stroke="none" pointer-events="all"/><rect x="117.5" y="300" width="80" height="30" fill="#647687" stroke="#314354" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 315px; margin-left: 119px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">UEFI App</div></div></div></foreignObject><text x="158" y="319" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">UEFI App</text></switch></g><path d="M 157.84 343.63 L 157.66 336.37" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 157.97 348.88 L 154.3 341.97 L 157.84 343.63 L 161.3 341.8 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 157.53 331.12 L 161.2 338.03 L 157.66 336.37 L 154.2 338.2 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><rect x="210" y="30" width="120" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 40px; margin-left: 211px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><font style="font-size: 18px">Normal World</font></div></div></div></foreignObject><text x="270" y="44" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Normal World</text></switch></g><rect x="0" y="165" width="40" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 175px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">EL0</div></div></div></foreignObject><text x="20" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">EL0</text></switch></g><rect x="0" y="315" width="40" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 325px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">EL1</div></div></div></foreignObject><text x="20" y="329" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">EL1</text></switch></g><rect x="0" y="520" width="40" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 38px; height: 1px; padding-top: 530px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">EL3</div></div></div></foreignObject><text x="20" y="534" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">EL3</text></switch></g><path d="M 375.03 493.63 L 375.02 489.32 Q 375 485 375 475 L 375 396.37" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 375.06 498.88 L 371.53 491.9 L 375.03 493.63 L 378.53 491.87 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 375 391.12 L 378.5 398.12 L 375 396.37 L 371.5 398.12 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 150 493.63 L 150 486.82 Q 150 480 150 470 L 150 396.37" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 150 498.88 L 146.5 491.88 L 150 493.63 L 153.5 491.88 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 150 391.12 L 153.5 398.12 L 150 396.37 L 146.5 398.12 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><rect x="970" y="165" width="100" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 98px; height: 1px; padding-top: 175px; margin-left: 971px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Trusted Services</div></div></div></foreignObject><text x="1020" y="179" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Trusted Services</text></switch></g><rect x="950" y="320" width="100" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 98px; height: 1px; padding-top: 330px; margin-left: 951px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">OP-TEE</div></div></div></foreignObject><text x="1000" y="334" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">OP-TEE</text></switch></g><rect x="950" y="520" width="100" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 98px; height: 1px; padding-top: 530px; margin-left: 951px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">TF-A</div></div></div></foreignObject><text x="1000" y="534" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">TF-A</text></switch></g><rect x="565" y="120" width="285" height="130" rx="19.5" ry="19.5" fill="none" stroke="rgb(0, 0, 0)" stroke-dasharray="3 3" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe flex-end; justify-content: unsafe center; width: 283px; height: 1px; padding-top: 117px; margin-left: 566px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">PSA Root-of-Trust Services</div></div></div></foreignObject><text x="708" y="117" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">PSA Root-of-Trust Services</text></switch></g><rect x="700" y="600" width="240" height="30" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 238px; height: 1px; padding-top: 615px; margin-left: 701px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">FF-A (Firmware Framework for A-profile)</div></div></div></foreignObject><text x="820" y="619" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">FF-A (Firmware Framework for A-profile)</text></switch></g></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.diagrams.net/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Viewer does not support full SVG 1.1</text></a></switch></svg>
\ No newline at end of file
diff --git a/docs/overview/index.rst b/docs/overview/index.rst
index 4706034..3e657ab 100644
--- a/docs/overview/index.rst
+++ b/docs/overview/index.rst
@@ -1,15 +1,50 @@
-About trusted services
-======================
+Introduction
+============
+
+The term 'trusted service' is used as a general name for a class of application that runs in an isolated
+processing environment. Other applications rely on trusted services to perform security related operations in
+a way that avoids exposing secret data beyond the isolation boundary of the environment. The word 'trusted'
+does not imply anything inherently trustworthy about a service application but rather that other applications
+put trust in the service. Meeting those trust obligations relies on a range of hardware and firmware
+implemented security measures.
+
+The Arm Application-profile (A-profile) architecture, in combination with standard firmware, provides a range
+of isolated processing environments that offer hardware-backed protection against various classes of attack.
+Because of their strong security properties, these environments are suitable for running applications that have
+access to valuable assets such as keys or sensitive user data. The goal of the Trusted Services project is
+to provide a framework in which security related services may be developed, tested and easily deployed to
+run in any of the supported environments. A core set of trusted services are implemented to provide basic
+device security functions such as cryptography and secure storage.
+
+Example isolated processing environments are:
+
+ - **Secure partitions** - secure world isolated environments managed by a secure partition manager
+ - **Trusted applications** - application environments managed by a TEE
+ - **VM backed container** - container runtime that uses a hypervisor to provide hardware backed container isolation
+
+The default reference system, used for test and development, uses the Secure Partition Manager configuration
+of OP-TEE to manage a set of secure partitions running at S-EL0. The secure partitions host service providers
+that implement PSA root-of-trust services. Services may be accessed using client-side C bindings that expose PSA
+Functional APIs. UEFI SMM services are provided by the SMM Gateway.
+
+.. image:: image/TsReferencePlatform.svg
+.. The image was exported from an original on Arm Confluence.
+
+For more background on the type of problems solved by trusted services and how the project aims to
+make solutions more accessible, see:
.. toctree::
:maxdepth: 1
- :caption: Contents:
- introduction
+ example-usage
goals
+The Trusted Services project includes components that may be integrated into platform firmware
+to enable A-profile platforms to meet PSA Certified security requirements. For more information, see:
+:ref:`Platform Certification`.
+
--------------
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/overview/introduction.rst b/docs/overview/introduction.rst
deleted file mode 100644
index 674e0b5..0000000
--- a/docs/overview/introduction.rst
+++ /dev/null
@@ -1,69 +0,0 @@
-What are trusted services?
-==========================
-
-The term 'trusted service' is used as a general name for a class of application that runs in an isolated
-processing environment. Other applications rely on trusted services to perform security related operations in
-a way that avoids exposing secret data beyond the isolation boundary of the environment. The word 'trusted'
-does not imply anything inherently trustworthy about a service application but rather that other applications
-put trust in the service. Meeting those trust obligations relies on a range of hardware and firmware
-implemented security measures.
-
-The Arm architecture, in combination with standard firmware, provides a range of isolated processing environments
-that offer hardware-backed protection against various classes of attack. Because of their strong security
-properties, these environments are suitable for running applications that have access to valuable assets
-such as keys or sensitive user data. The goal of the Trusted Services project is to provide a framework in
-which security related services may be developed, tested and easily deployed to run in any of the supported
-environments. A core set of trusted services are implemented to provide basic device security functions such
-as cryptography and secure storage.
-
-Example isolated processing environments are:
-
- - **Secure partitions** - secure world VMs managed by a secure partition manager
- - **Trusted applications** - application environments managed by a TEE
- - **Integrated microcontroller** - a secondary MCU used as a secure enclave
-
-Typical problems solved by trusted services
--------------------------------------------
-
-The following are examples of how trusted services can solve common device security problems.
-
-
-Protecting IoT device identity
-''''''''''''''''''''''''''''''
-
-During the provisioning process, an IoT device is assigned a secure identity that consists of a public/private
-key pair and a CA signed certificate that includes the public key. The device is also provisioned with the
-public key corresponding to the cloud service that it will operate with. The provisioned material is used
-whenever a device connects to the cloud during the authentication process. To prevent the possibility
-of device cloning or unauthorized transfer to a different cloud service, all provisioned material must be
-held in secure storage and access to the private key must be prevented. To achieve this, the certificate
-verification and nonce signing performed during the TLS handshake is performed by the Crypto trusted service
-that performs the operations without exposing the private key.
-
-
-Protecting Software Updates
-'''''''''''''''''''''''''''
-
-To ensure that software updates applied to a device originate from a legitimate source, update packages are
-signed. A signed package will include a signature block that includes a hash of the package contents within
-the signed data. During the update process, a device will verify the signature using a provisioned public key
-that corresponds to the signing key used by the update originator. By holding the public key in secure storage
-and performing the signature verification using the Crypto service, unauthorized modification of the update
-source is prevented.
-
-
-Secure Logging
-''''''''''''''
-
-A managed IoT device will often be configured by an installation engineer who has physical access to the
-device. To allow a cloud operator to audit configuration changes, it is necessary to keep a log of
-configuration steps performed by the installation engineer. To avoid the possibility of fraudulent
-modification of the audit log, a device signs log data using a device unique key-pair. The public key
-corresponding to the signing private key may be retrieved by the cloud operator to allow the log to
-be verified. To protect the signing key, the Crypto service is used for signing log records.
-
---------------------
-
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
-
-SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/project/change-log.rst b/docs/project/change-log.rst
index fbabfa4..33dcf42 100644
--- a/docs/project/change-log.rst
+++ b/docs/project/change-log.rst
@@ -1,30 +1,81 @@
Change Log & Release Notes
==========================
-This document contains a summary of the new features, changes, fixes and known
-issues in each release of Trusted Services.
+This document contains a summary of the new features, changes, fixes and known issues in each release of Trusted
+Services.
-Version 0.1.0
--------------
+Version 1.0.0-Beta
+------------------
-New Features
-^^^^^^^^^^^^
-First release.
+The first tagged release of the project.
-Changes
-^^^^^^^
-None.
+Feature Highlights
+^^^^^^^^^^^^^^^^^^
-Resolved Issues
-^^^^^^^^^^^^^^^
-None.
+The project supports the following services:
-Deprecations
-^^^^^^^^^^^^
-None.
+ - Secure Storage
+ - Crypto
+ - Initial Attestation
+ - Smm Variable
+
+Services may be accessed using client components that implement "`Psacertified v1.0 APIs`_". The project includes deployments
+that integrate `PSA API certification tests`_ with API clients to facilitate end-to-end PSA certification testing.
+
+Known limitations
+'''''''''''''''''
+
+ - Crypto key store partitioning by client is not yet supported.
+ - Discovery support is only currently integrated into the Crypto service provider. In case of services not supporting
+ this feature yet, communication parameters (e.g. maximum buffer size) and supported feature set needs to be hardcode
+ to the service provider and service client.
+
+Supported Trusted Environments
+''''''''''''''''''''''''''''''
+
+In the default configuration each service is deployed to a dedicated FF-A Secure Partition and executes isolated.
+Service implementations are platform, trusted environment and service deployment agonistic. With appropriate enablement
+work services can be enabled to work in any combination of these.
+
+The reference integration uses the SPMC implemented in OP-TEE OS to manage TS SPs. This release supports `OP-TEE v3.19`_.
+
+Supported Integration Systems
+'''''''''''''''''''''''''''''
+
+The reference solution uses the OP-TEE integration methodology. This relies on the google repo tool for high-level dependency
+management and a set of makefiles to capture the build configuration information. For details please refer to
+`OP-TEE git repo documentation`_.
+
+The project is officially enabled in `Yocto meta-arm`_.
+
+Supported Target Platforms
+''''''''''''''''''''''''''
+
+The only reference platform supported by this release is the `AEM FVP`_ build using the OP-TEE integration method.
+
+Known limitations:
+
+ - Non-volatile backend secure storage is not currently provided.
+
+
+Test Report
+^^^^^^^^^^^
+
+Please find the Test Report covering this release in the `tf.org wiki`_.
+
+
--------------
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
+.. _`FF-A Specification v1.0`: https://developer.arm.com/documentation/den0077/a
+.. _`Psacertified v1.0 APIs`: https://www.psacertified.org/development-resources/building-in-security/specifications-implementations/
+.. _`OP-TEE v3.19`: https://github.com/OP-TEE/optee_os/tree/3.19.0
+.. _`Yocto meta-arm` : https://gitlab.oss.arm.com/engineering/yocto/meta-arm/-/tree/master/meta-arm/recipes-security/trusted-services
+.. _`tf.org wiki`: https://developer.trustedfirmware.org/w/trusted-services/test-reports/v1.0.0-beta/
+.. _`AEM FVP`: https://developer.arm.com/-/media/Files/downloads/ecosystem-models/FVP_Base_RevC-2xAEMvA_11.18_16_Linux64.tgz
+.. _`PSA API certification tests`: https://github.com/ARM-software/psa-arch-tests
+.. _`OP-TEE git repo documentation`: https://optee.readthedocs.io/en/latest/building/gits/build.html
+
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/project/coding-guidelines.rst b/docs/project/coding-guidelines.rst
index ca80f1b..5b5607a 100644
--- a/docs/project/coding-guidelines.rst
+++ b/docs/project/coding-guidelines.rst
@@ -69,8 +69,6 @@
#
#-------------------------------------------------------------------------------
-.. todo:: Explain CMake return values and parent scope concept in more detail.
-
Restructured Text Rules
-----------------------
diff --git a/docs/project/contributing.rst b/docs/project/contributing.rst
index 836502c..5d8cb8f 100644
--- a/docs/project/contributing.rst
+++ b/docs/project/contributing.rst
@@ -1,6 +1,10 @@
Contributing
============
+Reporting Security Issues
+-------------------------
+
+Please follow the directions of the `Trusted Firmware Security Center`_
Getting Started
---------------
@@ -9,7 +13,6 @@
- Send an email to the |TS_MAIL_LIST| about your work. This gives everyone
visibility of whether others are working on something similar.
- Clone the |TS_REPO| on your own machine.
-- Create a local topic branch based on ``main`` branch of the |TS_REPO|.
Making Changes
--------------
@@ -81,7 +84,7 @@
.. _Gerrit Signed-off-by Lines guidelines: https://review.trustedfirmware.org/Documentation/user-signedoffby.html
.. _Gerrit Change-Ids documentation: https://review.trustedfirmware.org/Documentation/user-changeid.html
.. _`Tim Popes blog entry`: https://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
-
+.. _`Trusted Firmware Security Center`: https://developer.trustedfirmware.org/w/collaboration/security_center/
*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
diff --git a/docs/project/glossary.rst b/docs/project/glossary.rst
index 74356c0..55b17f7 100644
--- a/docs/project/glossary.rst
+++ b/docs/project/glossary.rst
@@ -29,16 +29,64 @@
FF-A
`Firmware Framework for A`_
+ TEE
+ Trusted Execution Environment. An SPE implemented using TrustZone.
+
+ TrustZone
+ Hardware assisted isolation technology built into arm CPUs. See `TrustZone for Cortex-A`_.
+
+ SPE
+ See :term:`Secure Processing Environment`.
+
+ Secure Processing Environment
+ An isolated environment to execute software images backed by a specific set of hardware and arm architecture
+ features. The aim of isolation os to protect sensitive workloads and their assets.
+
+ SP
+ see :term:`Secure Partition`
+
+ Secure Partition
+ Secure Partition is a compartment to execute a software image isolated from other images. Isolation can be logical
+ or physical based on if physical address range isolation is involved or not. See :term:`Physical SP` and :term:`Logical SP`.
+
+ An SP may host a single or multiple services.
+
+ Physical SP
+ A Secure Partition which executes a software image in and isolated physical address space.
+
+ Logical SP
+ A Secure Partition which executes a software image isolated buy without physical address space isolation.
+
+ SPM
+ See :term:`Secure Partition Manager`.
+
+ Secure Partition Manager
+ A component responsible for creating and managing the physical isolation boundary of an :term:`SP` in the SWd. It
+ is built from two sub-components the :term:`Secure Partition Manager Dispatcher` and the
+ :term:`Secure Partition Manager Core`.
+
+ Secure Partition Manager Dispatcher
+ The SPM component responsible for SPMC initialization boot-time, and forwarding FF-A calls run-time between SPs
+ and between SPs and the SPMC.
+
+ Secure Partition Manager Core
+ A component responsible for SP initialization and isolation at boot-time, inter partition isolation at run-time,
+ inter-partition communication at run-time.
+
+ Secure Enclave
+ An isolated hardware subsystem focusing on security related operations. The subsystem may include hardware
+ peripherals and one or more processing elements. As an example see the `Arm SSE-700`_ subsystem.
--------------
-.. _`Arm Glossary`: https://developer.arm.com/support/arm-glossary
+.. _`Arm Glossary`: https://developer.arm.com/documentation/aeg0014
.. _`Linux Coding Style`: https://www.kernel.org/doc/html/v4.10/process/coding-style.html
.. _`Arm C language extensions`: https://developer.arm.com/documentation/101028/0012/?lang=en
.. _`Platforn Security Arhitecture`: https://developer.arm.com/architectures/security-architectures/platform-security-architecture
.. _`Firmware Framework for A`: https://developer.arm.com/docs/den0077/latest
+.. _`TrustZone for Cortex-A`: https://www.arm.com/technologies/trustzone-for-cortex-a
+.. _`Arm SSE-700`: https://developer.arm.com/documentation/101418/0100/Overview/About-SSE-700
-
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/project/index.rst b/docs/project/index.rst
index 21f1d0f..d7a4b4b 100644
--- a/docs/project/index.rst
+++ b/docs/project/index.rst
@@ -1,4 +1,4 @@
-About the project
+About the Project
=================
.. toctree::
@@ -12,10 +12,12 @@
license
maintainers
versioning_policy
- todo
+ version_control
+ quality-assurance/index
+ releases
--------------
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/project/quality-assurance/index.rst b/docs/project/quality-assurance/index.rst
new file mode 100644
index 0000000..775fce9
--- /dev/null
+++ b/docs/project/quality-assurance/index.rst
@@ -0,0 +1,30 @@
+Quality Assurance
+=================
+
+This section covers quality definition of the project, efforts the project is making to ensure the quality level of the
+products meet expectations.
+
+The primary products of this project are the :ref:`Deployments` building :ref:`Secure Partition Images` and `Libraries`.
+There are secondary products like:
+
+ - build scripts
+ - test automation scripts
+ - documentation
+ - various processes
+ - etc...
+
+Quality Assurance of secondary products happens at a "best effort" basis. The project will try to keep these healthy,
+but quality definition of these may aim lower or may even be lacking.
+
+.. toctree::
+ :maxdepth: 1
+
+ ./verification-strategy
+ ./verification-methodology
+ ./verification-plan
+
+--------------
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
\ No newline at end of file
diff --git a/docs/project/quality-assurance/verification-methodology.rst b/docs/project/quality-assurance/verification-methodology.rst
new file mode 100644
index 0000000..f68401d
--- /dev/null
+++ b/docs/project/quality-assurance/verification-methodology.rst
@@ -0,0 +1,71 @@
+Verification methodology
+========================
+
+This page discusses discusses verification tools and techniques used by the project.
+
+
+Static Checks
+-------------
+
+This verification step checks quality by examining the source code. The project currently uses two tools which are
+discussed in the chapters below.
+
+Checkpatch
+''''''''''
+
+`Checkpatch`_ is a tool developed and maintained by the Linux Kernel community. It can look for errors related to:
+
+ - C and C++ coding style
+ - spelling mistakes
+ - git commit message formatting
+
+Please find the configuration of this tool in the :download:`TS repository.<../../../.checkpatch>`
+
+Cppcheck tool
+'''''''''''''
+
+`CppCheck`_ is a C/C++ static analysis tool. It can detect code depending on implementation defined behavior, and
+dangerous coding constructs and thus it verifies coding guidelines.
+
+Please find the configuration of this tool in the :download:`TS repository.<../../../.cppcheck>`
+
+Build verification
+------------------
+
+The :ref:`Build test runner` captures reference build configurations for all TS build products and can be used to verify
+these.
+
+Runtime verification
+--------------------
+
+During the runtime versification step various test and demo executables are executed on the host PC and/or on target
+platforms.
+
+Tests are targeting three different environment types:
+
+ - ``arm-linux``: test executables to be run from Linux user-space on the target.
+ - ``pc-linux``: executables to run on the host PC. These tests have a lower verification level, as the binary is likely
+ not running on an arm target. Portability issues in the source may hide error or trigger false alarms. In turn
+ this type of test is cheap,
+ - ``sp`` and ``opteesp``: test executables targeting these environments run in the SWd and server as:
+
+ - test payloads to help exercise trusted services
+ - test payload to help platform porting
+
+Each of these test applications manifest as a "deployment" in trusted services. For more details please see the
+:ref:`Deployments` section.
+
+Compliance testing
+''''''''''''''''''
+
+The project hosts deployment helping compliance testing. For more information please refer to
+:ref:`Platform Certification`.
+
+------------------
+
+.. _`Checkpatch`: https://docs.kernel.org/dev-tools/checkpatch.html
+.. _`CppCheck`: https://cppcheck.sourceforge.io/
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/project/quality-assurance/verification-plan.rst b/docs/project/quality-assurance/verification-plan.rst
new file mode 100644
index 0000000..3e67f43
--- /dev/null
+++ b/docs/project/quality-assurance/verification-plan.rst
@@ -0,0 +1,37 @@
+Verification Plan
+=================
+
+This document describes when and by whom verification steps are to be executed. Since this is an open-source project
+maintained by an open community, each contributor is expected to participate.
+
+Verification during development
+-------------------------------
+
+When changing existing code, or adding new code, the developer is expected to:
+
+ - run static checks to guard "clean code".
+ - execute runtime tests on the host machine to ensure features not changed are behaving as before. Verification
+ efforts targeting regression may be limited based on the expected effects of the change.
+ - extend unit and component tests to cover changes
+
+Verification during code review
+-------------------------------
+
+The code review covers all aspects of a change, including design and implementation. This includes running static checks
+and runtime tests. The reviewers are expected to check if tests are extended as needed.
+
+Verification efforts of a review may be limited to lower costs, based on the expected effects of the change.
+
+Guarding "main"
+---------------
+
+All commits of the integration branch shall be verified using the full verification set-up. This verification shall aim
+for achieving the highest quality level and shall not make compromises. A change becomes ready to get merged to "main"
+after passing the tests.
+
+
+--------------
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
\ No newline at end of file
diff --git a/docs/project/quality-assurance/verification-strategy.rst b/docs/project/quality-assurance/verification-strategy.rst
new file mode 100644
index 0000000..db4a03d
--- /dev/null
+++ b/docs/project/quality-assurance/verification-strategy.rst
@@ -0,0 +1,98 @@
+Verification Strategy
+=====================
+
+This page describes verification from a high level concept perspective.
+
+In this context ``source code`` has a wider scope and may mean any text content produced by humans and processed by
+other humans or tools. Examples: C/C++ source code, reST documents, build scripts, etc...
+
+Clean Code
+----------
+
+Clean code aims to counterfeit issues discussed in the following sub-chapters.
+
+Code Readability
+''''''''''''''''
+
+Expressing ideas in a machine readable formats is complicated, and each developer may have a different taste or
+different preferences on how source code should be formatted. Some people may find a specific kind of formatting easier
+to understand than others. If the source code does not follow a consistent look and feel, human processing of the text
+may become error prone. This undermines effectiveness of co-operation and code-review, and may lead to incorrect code.
+The project defines coding style rules to counterfeit these problems. For detail please refer to :ref:`Coding Style &
+Guidelines`
+
+Undefined and Implementation Defined Behavior
+'''''''''''''''''''''''''''''''''''''''''''''
+
+The "standard" defining how to process a specific source code type, may leave some processing behavior to the tool
+to be defined, or allow the tool to behave in an undefined way. Coding constructs relying on such behavior are to be
+avoided, or used in a well defined way. This adds robustness and helps avoiding errors due to using different version
+of the same tool, or different implementations.
+
+The project defines coding guidelines to counterfeit these problems. For detail please refer to
+:ref:`Coding Style & Guidelines`
+
+Security
+''''''''
+
+Security is a complex topic affecting all steps of the development process. Incorrect code may lead to security issues
+and thus "Clean Code" has a vital role in implementing secure software.
+
+Runtime Testing
+---------------
+
+Runtime testing focuses of verifying the behavior of one or multiple build products built from source code. This can be
+done at multiple levels and in multiple execution environment.
+
+
+Unit Test
+'''''''''
+
+Unit tests aim to verify if the internal operation of a module matches the developers expectation. It helps covering all
+code execution paths, and to give confidence on correct operation when code needs to be refactored. Unit tests serve as
+a kind of documentation capturing the expected usage of the code.
+
+Unit-testing allays happen on the "host PC"
+
+Component Test
+''''''''''''''
+
+Component tests aim to verify the API (and ABI) of a component is matching expectations. Components are tested in
+isolation, where the exported APIs are exercised by these code, and APIs the component depends on are implemented by
+test doubles.
+
+System Test
+'''''''''''
+
+System test verifies correct operation of a set of modules configured to fulfill the requirements of a use-case. For TS
+this usually means testing and end-to-end setup on a specific target platform.
+
+Balancing Costs vs Quality
+''''''''''''''''''''''''''
+
+Executing build products on target platforms may have high costs in terms of time, complexity and availability and in
+turn it gives the hights confidence in verification results, or the best quality. In the development phase it may be
+desired to some level of this confidence for lower costs. For this purpose the project defines two main test
+set-up types based on the balance choice between cost and quality.
+
+Testing on a Target Platform
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+In this environment tests are executed on a target platform. Emulators (e.g. QEMU, FVP) from this aspect are treated
+like targets implemented in silicon.
+
+Testing on the Host Machine
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+In this environment test executables are compiled to execute as a "standard" user-space application running on the
+machine "hosting" the development activity. In most cases these machines are based on a different architecture that the
+ones the project is targeting (e.g. x86-64 vs aarch64). This means this environment relies on the assumption that code
+is portable and behaves architecture and compiler independent. This puts limitations on the features which can be tested
+and lower the confidence level of test output. In turn executing tests int his environment is simple and gives very good
+scalability options.
+
+--------------
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
\ No newline at end of file
diff --git a/docs/project/releases.rst b/docs/project/releases.rst
new file mode 100644
index 0000000..e8f38cb
--- /dev/null
+++ b/docs/project/releases.rst
@@ -0,0 +1,56 @@
+Releases
+========
+
+The release is a well documented and identifiable "quality snapshot" of the products the project is developing. It helps
+adopters by providing reference points and understanding differences between these.
+
+Due to the :ref:`Version Control` policy implemented, each commit on the "main" branch has a source code and runtime
+quality level as a release. The release in addition to that ads extra documentation of changes in form of the
+:ref:`Change Log & Release Notes`
+
+Cadence
+-------
+
+There is no fixed release cadence defined yet.
+
+Release procedure
+=================
+
+``DR`` below stands for "Day of Release".
+
+.. list-table:: Release steps
+ :header-rows: 1
+
+ * - Time
+ - Task
+ * - ``DR``-3w
+ -
+ - Send notification to |TS_MAIL_LIST| about upcoming release.
+ - Release note update starts.
+ - Platform maintainers prepare for testing their platforms.
+ * - ``DR``-1w
+ -
+ - A release PR is created updating the release ID and release notes.
+ - "integration" branch is frozen and "main" branch is updated if needed.
+ - "main" branch is tagged with `_rc0` tag to mark start of release testing.
+ - Maintainers start release testing.
+ - Platform maintainers start release testing their platforms.
+ * - ``DR``
+ -
+ - Release notes is finalized.
+ - Release PR gets merged.
+ - "main" branch is updated.
+ - "main" branch is tagged.
+ - Release announcement is sent to |TS_MAIL_LIST|.
+
+Errors discovered during testing will break the release process. Fixes need to be made and merged as usual, and release
+testing to be restarted with including applying a new ``_rc<x>`` tag, where ``<x>`` is a monotonic counter.
+
+If fixing the encountered errors takes long, the release is either aborted and postponed, or the defects are captured in
+the release notes under the "known issues" section.
+
+--------------
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
\ No newline at end of file
diff --git a/docs/project/todo.rst b/docs/project/todo.rst
deleted file mode 100644
index 1739eab..0000000
--- a/docs/project/todo.rst
+++ /dev/null
@@ -1,22 +0,0 @@
-TODO list
-=========
-
-This file collects information on planned future changes and issues to be
-addressed. For managing the TODO list below, the `Sphinx TODO extension`_ is
-used.
-
-.. todo:: Find a solution to make the rendering of TODO entries less intrusive
- at their original location.
-
-List of TODO entries in the project
------------------------------------
-
-.. todolist::
-
---------------
-
-.. _`Sphinx TODO extension`: https://www.sphinx-doc.org/en/master/usage/extensions/todo.html
-
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
-
-SPDX-License-Identifier: BSD-3-Clause
\ No newline at end of file
diff --git a/docs/project/version_control.rst b/docs/project/version_control.rst
new file mode 100644
index 0000000..ebcfc6f
--- /dev/null
+++ b/docs/project/version_control.rst
@@ -0,0 +1,68 @@
+Version Control
+===============
+
+Version control is about tracking and managing changes to text files including source-code, scripts, configuration
+files and documentation.
+
+The project uses the `Git version control system`_ and Gerrit as the code review and access restriction enforcement
+solution. Although git is a distributed version control system the project uses a "centralized" approach. The main
+repositories can be found at https://trustedfirmware.org, where two WEB UIs can be found:
+
+ - a `cgit instance`_ allowing browse and clone the repositories
+ - and a `Gerrit instance`_ for contribution and code review purposes.
+
+Currently the project has a single repository hosting the source-code:
+https://git.trustedfirmware.org/TS/trusted-services.git/
+
+Branching Strategy
+------------------
+
+The branching strategy is built around a "quality" based flow of changes.
+
+Each change starts targeting an "integration" branch either as a "standalone" change or as a topic. Changes landing on
+integrations are expected to be "independent" (properly build and working without depending on other changes).
+Validation efforts of the changes my have limited focus based on the expected effect of the change. This allows
+balancing validation costs to pay during reviews.
+
+All change landing on the integration branch will get trough full validation. When passing all quality checks, the
+change can be merged to a "main" branch. All changes on the main branch are expected to fulfill all quality requirements
+and to pass full validation.
+
+The default name of the "integration" branch is ``integration`` and the default name of the "main" branch is ``main``.
+For special purposes (e.g. long term support, hosting a special version, etc...) other branches acting as "integration"
+and "main" can be defined.
+
+Sandbox branches
+----------------
+
+For prototyping purposes the project allows using "sandbox" branches. Changes on these branches are free to lower
+quality expectations as needed. Sandbox branches are to be created under ``sandbox/<username>/`` namespace
+(e.g. ``sandbox/gyoszi01/static-init-prototype``).
+
+Topic branches
+--------------
+
+For large changes or changes expected to have a longer development time "topic" branches can be used. Topic branches are
+to be created under the ``topics/<username>/<some name>`` namespace. If multiple developers are co-developing a feature
+``<username>`` is expect to be the lead developer.
+
+Review vs quality
+-----------------
+
+As discussed above all commits on the "integration" branch must properly build and work independent of other changes.
+This may result in large commits, which would make code reviews difficult. To help the code review, large changes should
+be split to small steps, each implementing a single logical step needed for the full change. To remove the conflict
+between quality expectation requiring large and review requiring small commits, topic branches shall be used. Large
+changes are to be split up to small steps and target a topic branch first. This way reviewers can check small changes,
+and only the tip of the topic branch is to pass build and runtime tests.
+
+.. _`cgit instance`: https://git.trustedfirmware.org/
+.. _`Gerrit instance`: https://review.trustedfirmware.org/
+
+-------------
+
+.. _`Git version control system`: https://git-scm.com/
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
\ No newline at end of file
diff --git a/docs/project/versioning_policy.rst b/docs/project/versioning_policy.rst
index d57057f..c176db3 100644
--- a/docs/project/versioning_policy.rst
+++ b/docs/project/versioning_policy.rst
@@ -5,25 +5,34 @@
project. It tells the meaning of each part, where the version information is
captured and how it is managed.
-Summary
--------
+Format of version IDs
+---------------------
The version identifier identifies the feature set supported by a specific
release, and captures compatibility information to other releases.
This project uses "Semantic Versioning", for details please refer to |SEMVER|.
-In general the version number is constructed from three numbers. The `MAJOR`
-number is changed when incompatible API changes are introduced, the `MINOR`
-version when you functionality is added in a backward compatible manner, and
-the `PATCH` version when backwards compatible bug fixes are added.
+The version number is constructed from three numbers, and an optional
+pre-release identifier. The `MAJOR` number is changed when incompatible API
+changes are introduced, the `MINOR` version when new functionality is added in a
+backward compatible manner, and the `PATCH` version when backwards compatible
+bug fixes are added. The pre-release identifier is appended after the numbers
+separated with a ``-`` and can be the string ``alpha`` or ``beta``.
-Each release will get a unique release id assigned. When a release is made, the
+Each release will get a unique version id assigned. When a release is made, the
version number will get incremented in accordance with the compatibility rules
mentioned above.
-This project is only using the core version and will not use pre-release or
-build specific metadata extension.
+Version ID hierarchy
+--------------------
+
+The project hosts multiple components which can be used separately and thus need
+compatibility information expressed independently. Such components get a
+dedicated version ID. Examples are :ref:`libs-libsp` and :ref:`libs-libts`.
+
+Components are never released standalone but only part of a TS release. In that
+sense a set of independent component version IDs are assigned to a TS release ID.
Storage and format
------------------
@@ -42,6 +51,6 @@
.. _`Semantic Versioning`: https://semver.org/spec/v2.0.0.html
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/quickstart/index.rst b/docs/quickstart/index.rst
new file mode 100644
index 0000000..73a3660
--- /dev/null
+++ b/docs/quickstart/index.rst
@@ -0,0 +1,18 @@
+Quick Start Guides
+==================
+
+The following quick start guides provide step-by-step instructions for performing common tasks when
+working with the Trusted Services project.
+
+.. toctree::
+ :maxdepth: 1
+ :caption: Contents:
+
+ pc-testing
+ optee-testing
+
+--------------
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/quickstart/optee-testing.rst b/docs/quickstart/optee-testing.rst
new file mode 100644
index 0000000..85e2053
--- /dev/null
+++ b/docs/quickstart/optee-testing.rst
@@ -0,0 +1,61 @@
+Build and run tests on OP-TEE reference integration for FVP
+===========================================================
+
+The Linux based build maintained by the OP-TEE project is used as the reference integration for testing
+trusted service deployments on a simulated hardware platform. Service providers deployed within secure partitions
+are tested using test executables that run as user-space programs under Linux. Test cases interact with trusted
+service providers using standard service access protocols, carried by FF-A based messages.
+
+The test executables most often used for service level testing on hardware platforms are:
+
+ - *ts-service-test* - contains a set of service-level end-to-end tests. Discovers and communicates
+ with service providers using libts.
+ - *psa-api-test* - PSA functional API conformance tests (from external project). Also uses libts.
+
+This method uses the makefiles from the ``op-tee/build`` repository.
+
+
+Before you start
+----------------
+
+Before attempting to run tests on the FVP simulation, the OP-TEE reference integration needs to be
+built and run. Read the following guides to understand how to do this:
+
+ - OP-TEE build and run instructions, see:
+ :ref:`Deploying trusted services in S-EL0 Secure Partitions under OP-TEE`
+
+ - Instructions for loading and running user-space programs on FVP:
+ :ref:`Running user-space programs on FVP`
+
+
+Build the linux application binaries
+------------------------------------
+
+From the root directory of the workspace, enter the following to build the test applications::
+
+ make -C build ffa-test-all
+
+
+Run *ts-service-test*
+---------------------
+
+From the root directory of the workspace, enter::
+
+ FVP_PATH=../Base_RevC_AEMvA_pkg/models/Linux64_GCC-9.3 make -C build run-only
+
+Once it boots to the login prompt, log in as root and from the FVP terminal, enter::
+
+ cd /mnt/host
+ cp -vat /usr out/ts-install/arm-linux/lib out/ts-install/arm-linux/bin
+ out/linux-arm-ffa-tee/load_module.sh
+ out/linux-arm-ffa-user/load_module.sh
+ ts-service-test -v
+
+Use the same flow for other user-space programs. Check the output of the ``cp`` command executed to see
+executables copied under ``/usr/bin``.
+
+--------------
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/quickstart/pc-testing.rst b/docs/quickstart/pc-testing.rst
new file mode 100644
index 0000000..9b887be
--- /dev/null
+++ b/docs/quickstart/pc-testing.rst
@@ -0,0 +1,66 @@
+Build and run PC based tests
+============================
+
+Many components within the Trusted Services project may be built and tested within a native PC environment.
+PC based testing is an important part of the development flow and can provide a straight-forward way to check
+for regressions and debug problems. PC based tests range from small unit tests up to end-to-end service tests.
+All test cases in the Trusted Services project are written for the CppUTest test framework.
+
+The test executables most often used for PC based testing of Trusted Services components are:
+
+ - *component-test* - a PC executable that runs many component level tests.
+ - *ts-service-test* - contains a set of service-level end-to-end tests. For PC build, service providers
+ are included in the libts library.
+ - *psa-api-test* - PSA functional API conformance tests (from external project).
+
+
+Before you start
+----------------
+Before attempting to run any builds, ensure that all necessary tools are installed. See: :ref:`Software Requirements`
+
+
+Build and run *component-test*
+------------------------------
+
+From the root directory of the checked-out TS project, enter the following::
+
+ cmake -B build-ct -S deployments/component-test/linux-pc
+ make -C build-ct install
+ build-ct/install/linux-pc/bin/component-test -v
+
+
+Build and run *ts-service-test*
+-------------------------------
+
+From the root directory of the checked-out TS project, enter the following::
+
+ cmake -B build-ts -S deployments/ts-service-test/linux-pc
+ make -C build-ts install
+ LD_PRELOAD=build-ts/install/linux-pc/lib/libts.so build-ts/install/linux-pc/bin/ts-service-test -v
+
+Build and run *psa-api-test*
+----------------------------
+Tests for each API are built as separate executables. Test are available for the following APIs::
+
+ crypto
+ initial_attestation
+ internal_trusted_storage
+ protected_storage
+
+To build and run tests for the Crypto API, enter the following (use the same flow for other APIs)::
+
+ cmake -B build-pa deployments/psa-api-test/crypto/linux-pc
+ make -C build-pa install
+ LD_PRELOAD=build-pa/install/linux-pc/lib/libts.so build-pa/install/linux-pc/bin/psa-crypto-api-test
+
+More information
+----------------
+For more information about deployments and building, see: :ref:`Build Instructions`
+
+PSA functional API conformance tests git location: https://github.com/ARM-software/psa-arch-tests.git
+
+--------------
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/requirements.txt b/docs/requirements.txt
index 19a81f3..516a46c 100644
--- a/docs/requirements.txt
+++ b/docs/requirements.txt
@@ -6,8 +6,9 @@
# Python dependencies for building the documentation.
-Sphinx==2.3.1
-sphinx-rtd-theme==0.4.3
-sphinxcontrib-moderncmakedomain==3.13
-sphinxcontrib-plantuml==0.18
-Jinja2<3.1
+Sphinx==4.5
+sphinx-rtd-theme==1.0.0
+sphinxcontrib-moderncmakedomain==3.21.4
+sphinxcontrib-plantuml==0.23
+Jinja2==2.11.3
+markupsafe==2.0.1
diff --git a/docs/security/generic-data-flow.graphml b/docs/security/generic-data-flow.graphml
new file mode 100644
index 0000000..5d96f00
--- /dev/null
+++ b/docs/security/generic-data-flow.graphml
@@ -0,0 +1,500 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<graphml xmlns="http://graphml.graphdrawing.org/xmlns" xmlns:java="http://www.yworks.com/xml/yfiles-common/1.0/java" xmlns:sys="http://www.yworks.com/xml/yfiles-common/markup/primitives/2.0" xmlns:x="http://www.yworks.com/xml/yfiles-common/markup/2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:y="http://www.yworks.com/xml/graphml" xmlns:yed="http://www.yworks.com/xml/yed/3" xsi:schemaLocation="http://graphml.graphdrawing.org/xmlns http://www.yworks.com/xml/schema/graphml/1.1/ygraphml.xsd">
+ <!--Created by yEd 3.21.1-->
+ <key attr.name="Description" attr.type="string" for="graph" id="d0"/>
+ <key for="port" id="d1" yfiles.type="portgraphics"/>
+ <key for="port" id="d2" yfiles.type="portgeometry"/>
+ <key for="port" id="d3" yfiles.type="portuserdata"/>
+ <key attr.name="url" attr.type="string" for="node" id="d4"/>
+ <key attr.name="description" attr.type="string" for="node" id="d5"/>
+ <key for="node" id="d6" yfiles.type="nodegraphics"/>
+ <key for="graphml" id="d7" yfiles.type="resources"/>
+ <key attr.name="url" attr.type="string" for="edge" id="d8"/>
+ <key attr.name="description" attr.type="string" for="edge" id="d9"/>
+ <key for="edge" id="d10" yfiles.type="edgegraphics"/>
+ <graph edgedefault="directed" id="G">
+ <data key="d0" xml:space="preserve"><![CDATA[Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.
+SPDX-License-Identifier: BSD-3-Clause
+
+Generic threat modell of a Trusted Service.
+]]></data>
+ <node id="n0">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="12.496800000000093" width="167.67999999999955" x="999.8343945312489" y="457.4259263183566"/>
+ <y:Fill hasColor="false" transparent="false"/>
+ <y:BorderStyle color="#FF0000" raised="false" type="dashed" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="26.0078125" x="4.0" xml:space="preserve" y="-3.1021859374999394">TB3<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="-0.5" labelRatioY="0.0" nodeRatioX="-0.5" nodeRatioY="1.1102230246251565E-15" offsetX="4.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n1">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="564.0099999999994" width="12.179999999999382" x="583.593507385258" y="200.62211367188718"/>
+ <y:Fill hasColor="false" transparent="false"/>
+ <y:BorderStyle color="#FF0000" raised="false" type="dashed" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="26.0078125" x="-6.913906250000309" xml:space="preserve" y="18.910353412126142">TB1<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="-0.5" nodeRatioX="0.0" nodeRatioY="-0.4664715990636227" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n2">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="315.409166121018" width="12.179999999999325" x="857.1073454715039" y="398.44871367188716"/>
+ <y:Fill hasColor="false" transparent="false"/>
+ <y:BorderStyle color="#FF0000" raised="false" type="dashed" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="26.0078125" x="-6.913906250000309" xml:space="preserve" y="165.94207995215538">TB2<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="2.3314683517128287E-15" nodeRatioY="0.05576275111294027" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n3">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="342.98698105468577" width="200.67999999999978" x="342.94159179687404" y="329.30920419922944"/>
+ <y:Fill hasColor="false" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="dotted" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" hasText="false" height="4.0" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="4.0" x="6.883049475401549" y="25.723656299968127">
+ <y:LabelModel>
+ <y:SmartNodeLabelModel distance="4.0"/>
+ </y:LabelModel>
+ <y:ModelParameter>
+ <y:SmartNodeLabelModelParameter labelRatioX="-0.5" labelRatioY="-0.5" nodeRatioX="-0.46570136797188777" nodeRatioY="-0.42500107082528954" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+ </y:ModelParameter>
+ </y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n4">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="52.0" width="149.14062499999994" x="974.6586840820303" y="342.980075781258"/>
+ <y:Fill color="#CCFFCC" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="98.037109375" x="25.5517578125" xml:space="preserve" y="16.6494140625">Trusted Service 1<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n5">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="52.0" width="149.14062499999994" x="974.6586840820304" y="631.9019579101412"/>
+ <y:Fill color="#CCFFCC" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="98.037109375" x="25.551757812499886" xml:space="preserve" y="16.6494140625">Trusted Service 2<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n6">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="95.3709810546855" width="149.14062499999994" x="656.5949816894521" y="434.9416231445441"/>
+ <y:Fill color="#CCCCCC" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="30.00390625" x="59.568359375" xml:space="preserve" y="38.33490458984272">SPM<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n7">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="52.0" width="149.14062499999994" x="367.4203417968745" y="346.15949472657235"/>
+ <y:Fill color="#FFDD56" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="72.70703125" x="38.216796875" xml:space="preserve" y="16.6494140625">u-boot/EDK2<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n8">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="52.0" width="149.14062499999994" x="367.4203417968745" y="415.1892041992295"/>
+ <y:Fill color="#FFDD56" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="98.037109375" x="25.5517578125" xml:space="preserve" y="16.6494140625">Operating system<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n9">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="52.0" width="149.14062499999994" x="367.4203417968745" y="496.98920419922956"/>
+ <y:Fill color="#FFDD56" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="126.0625" x="11.5390625" xml:space="preserve" y="16.6494140625">User-space application<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n10">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="52.0" width="149.14062499999994" x="625.7735073852574" y="631.9019579101412"/>
+ <y:Fill color="#CCCCCC" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="79.345703125" x="34.8974609375" xml:space="preserve" y="16.6494140625">FF-A Manifest<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n11">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="52.0" width="124.88348205566643" x="981.027255554197" y="245.62007578125798"/>
+ <y:Fill color="#CCFFCC" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="48.103515625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="110.716796875" x="7.083342590333245" xml:space="preserve" y="1.9482421875">Dedicated,
+Physically protected
+HW<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="parallelogram"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n12">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="52.0" width="149.14062499999994" x="691.3269164213868" y="554.353966953524"/>
+ <y:Fill color="#CCCCCC" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="59.37109375" x="44.884765625" xml:space="preserve" y="16.6494140625">Debug-log<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n13">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="24.360000000000014" width="103.80040771484022" x="1177.7967895507836" y="356.800075781258"/>
+ <y:Fill color="#CCFFCC" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="88.03515625" x="7.882625732420138" xml:space="preserve" y="2.829414062500007">Peripheral IFC2<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="parallelogram"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n14">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="71.230075781258" width="157.46968750000036" x="1356.3271972656235" y="333.3650378906291"/>
+ <y:Fill color="#DDD55F" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="48.103515625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="131.39453125" x="13.03757812500021" xml:space="preserve" y="11.563280078128969">Dedicated,
+Not physically protected
+HW<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="parallelogram"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n15">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="52.0" width="142.0601162719767" x="1088.5370809936471" y="490.9227263183567"/>
+ <y:Fill color="#BCDD5F" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="48.103515625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="110.716796875" x="15.671659698488384" xml:space="preserve" y="1.9482421875">Non dedicated,
+Physically protected
+HW<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="parallelogram"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n16">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="71.230075781258" width="157.46968750000036" x="1356.3271972656235" y="481.3076884277277"/>
+ <y:Fill color="#DDD55F" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="48.103515625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="131.39453125" x="13.03757812500021" xml:space="preserve" y="11.563280078128969">Non dedicated,
+Not physically protected
+HW<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="parallelogram"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n17">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="12.496800000000093" width="167.67999999999955" x="999.834394531249" y="563.9227263183567"/>
+ <y:Fill hasColor="false" transparent="false"/>
+ <y:BorderStyle color="#FF0000" raised="false" type="dashed" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="26.0078125" x="5.751194618473619" xml:space="preserve" y="-3.1021859374999394">TB4<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="-0.5" labelRatioY="0.0" nodeRatioX="-0.46570136797188844" nodeRatioY="1.1102230246251565E-15" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n18">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="355.14698105468574" width="12.179999999999325" x="1318.632197265624" y="307.6918526367132"/>
+ <y:Fill hasColor="false" transparent="false"/>
+ <y:BorderStyle color="#FF0000" raised="false" type="dashed" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="26.0078125" x="-6.913906250000309" xml:space="preserve" y="168.22290458984287">TB5<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="2.3314683517128287E-15" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n19" yfiles.foldertype="group">
+ <data key="d4" xml:space="preserve"/>
+ <data key="d6">
+ <y:ProxyAutoBoundsNode>
+ <y:Realizers active="0">
+ <y:GroupNode>
+ <y:Geometry height="188.8417925826776" width="475.4228202048764" x="747.7325835416852" y="-14.110811983915937"/>
+ <y:Fill hasColor="false" transparent="false"/>
+ <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="22.37646484375" horizontalTextPosition="center" iconTextGap="4" modelName="internal" modelPosition="t" textColor="#000000" verticalTextPosition="bottom" visible="true" width="475.4228202048764" x="0.0" xml:space="preserve" y="0.0">Color code</y:NodeLabel>
+ <y:Shape type="roundrectangle"/>
+ <y:State closed="false" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
+ <y:Insets bottom="15" bottomF="15.0" left="15" leftF="15.0" right="15" rightF="15.0" top="15" topF="15.0"/>
+ <y:BorderInsets bottom="1" bottomF="0.8802461538460875" left="0" leftF="0.0" right="14" rightF="13.896470965118851" top="0" topF="0.0"/>
+ </y:GroupNode>
+ <y:GroupNode>
+ <y:Geometry height="50.0" width="50.0" x="120.0" y="60.0"/>
+ <y:Fill color="#F2F0D8" transparent="false"/>
+ <y:BorderStyle color="#000000" type="line" width="1.0"/>
+ <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#B7B69E" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="22.37646484375" horizontalTextPosition="center" iconTextGap="4" modelName="internal" modelPosition="t" textColor="#000000" verticalTextPosition="bottom" visible="true" width="59.02685546875" x="-4.513427734375" xml:space="preserve" y="0.0">Folder 1</y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ <y:DropShadow color="#D2D2D2" offsetX="4" offsetY="4"/>
+ <y:State closed="true" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
+ <y:Insets bottom="5" bottomF="5.0" left="5" leftF="5.0" right="5" rightF="5.0" top="5" topF="5.0"/>
+ <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
+ </y:GroupNode>
+ </y:Realizers>
+ </y:ProxyAutoBoundsNode>
+ </data>
+ <graph edgedefault="directed" id="n19:">
+ <node id="n19::n0">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="30.0" width="200.59682538012066" x="762.8989327814432" y="23.265652859834063"/>
+ <y:Fill color="#CCFFCC" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="114.736328125" x="42.93024862756033" xml:space="preserve" y="5.6494140625">Isolated components<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n19::n1">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="30.0" width="200.67999999999978" x="762.8157581615641" y="128.8507344449156"/>
+ <y:Fill color="#DDD55F" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="151.41015625" x="24.634921874999918" xml:space="preserve" y="5.6494140625">Exposed to physical access<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n19::n2">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="30.0" width="200.76317461987873" x="762.7325835416852" y="76.05819365237483"/>
+ <y:Fill color="#BCDD5F" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="106.0703125" x="47.34643105993939" xml:space="preserve" y="5.6494140625">Isolated but shared<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n19::n3">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="30.0" width="200.7631746198785" x="993.4957581615641" y="76.05819365237483"/>
+ <y:Fill color="#CCCCCC" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="162.736328125" x="19.013423247439164" xml:space="preserve" y="5.6494140625">Out-of-scope, must be trusted<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ <node id="n19::n4">
+ <data key="d6">
+ <y:ShapeNode>
+ <y:Geometry height="30.0" width="200.76317461987873" x="993.495758161564" y="23.265652859834063"/>
+ <y:Fill color="#FFDD56" transparent="false"/>
+ <y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
+ <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="71.37109375" x="64.69604043493928" xml:space="preserve" y="5.6494140625">Non-isolated<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
+ <y:Shape type="rectangle"/>
+ </y:ShapeNode>
+ </data>
+ </node>
+ </graph>
+ </node>
+ <edge id="e0" source="n6" target="n3">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="100.35106717916995" ty="90.5448068626963"/>
+ <y:LineStyle color="#000000" type="dotted" width="2.0"/>
+ <y:Arrows source="standard" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="33.34375" x="-73.15855895996197" xml:space="preserve" y="23.397088022583603">DF12<y:LabelModel><y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/></y:LabelModel><y:ModelParameter><y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/></y:ModelParameter><y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e1" source="n4" target="n3">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="87.3301092996351" ty="-53.368876149144754">
+ <y:Point x="789.0" y="443.36824352897344"/>
+ <y:Point x="670.0" y="453.09318525391524"/>
+ </y:Path>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="standard" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="26.669921875" x="-93.31397923028646" xml:space="preserve" y="13.511950700802515">DF2<y:LabelModel><y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/></y:LabelModel><y:ModelParameter><y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="24.848250729860908" distanceToCenter="true" position="center" ratio="0.36841189565104326" segment="0"/></y:ModelParameter><y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e2" source="n5" target="n4">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="standard" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="26.669921875" x="-13.334968261719723" xml:space="preserve" y="-127.81154663086295">DF5<y:LabelModel><y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/></y:LabelModel><y:ModelParameter><y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/></y:ModelParameter><y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e3" source="n4" target="n13">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="standard" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="26.669921875" x="13.663771972656832" xml:space="preserve" y="-9.35058217772638">DF8<y:LabelModel><y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/></y:LabelModel><y:ModelParameter><y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/></y:ModelParameter><y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e4" source="n13" target="n14">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="standard" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="33.34375" x="25.889809570311172" xml:space="preserve" y="-9.35058217772638">DF11<y:LabelModel><y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/></y:LabelModel><y:ModelParameter><y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/></y:ModelParameter><y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e5" source="n4" target="n11">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="standard" target="standard"/>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e6" source="n5" target="n15">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="standard" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="26.669921875" x="21.485103988645278" xml:space="preserve" y="-53.840221362313514">DF7<y:LabelModel><y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/></y:LabelModel><y:ModelParameter><y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/></y:ModelParameter><y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e7" source="n4" target="n15">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="standard" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="26.669921875" x="22.99748608880236" xml:space="preserve" y="38.620743090823">DF6<y:LabelModel><y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/></y:LabelModel><y:ModelParameter><y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="0.4445858052130681" distanceToCenter="true" position="left" ratio="0.5" segment="0"/></y:ModelParameter><y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e8" source="n4" target="n16">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="standard" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="26.669921875" x="109.69154907226448" xml:space="preserve" y="37.82232548473888">DF9<y:LabelModel><y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/></y:LabelModel><y:ModelParameter><y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/></y:ModelParameter><y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e9" source="n5" target="n16">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="standard" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="33.34375" x="103.00539184570198" xml:space="preserve" y="-53.07938396899635">DF10<y:LabelModel><y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/></y:LabelModel><y:ModelParameter><y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/></y:ModelParameter><y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e10" source="n4" target="n12">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0">
+ <y:Point x="923.0" y="478.0"/>
+ <y:Point x="754.0338550742626" y="478.0"/>
+ </y:Path>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="standard" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="26.669921875" x="-69.70529382688164" xml:space="preserve" y="39.334672900394594">DF4<y:LabelModel><y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/></y:LabelModel><y:ModelParameter><y:SmartEdgeLabelModelParameter angle="0.0" distance="23.364876657804036" distanceToCenter="false" position="center" ratio="0.49999999999999944" segment="0"/></y:ModelParameter><y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e11" source="n4" target="n3">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="100.34788915745409" ty="-131.82261894531433"/>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="standard" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="26.669921875" x="-228.85351440429793" xml:space="preserve" y="-9.35058217772638">DF1<y:LabelModel><y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/></y:LabelModel><y:ModelParameter><y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.5" segment="0"/></y:ModelParameter><y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e12" source="n4" target="n5">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0">
+ <y:Point x="770.0980849792" y="503.8026947265723"/>
+ </y:Path>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="standard" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="26.669921875" x="-107.35476828593619" xml:space="preserve" y="36.06179093568505">DF3<y:LabelModel><y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/></y:LabelModel><y:ModelParameter><y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="center" ratio="0.32879346603393395" segment="0"/></y:ModelParameter><y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ <edge id="e13" source="n10" target="n4">
+ <data key="d10">
+ <y:PolyLineEdge>
+ <y:Path sx="-46.75109261252976" sy="-9.459533667717096" tx="0.0" ty="0.0">
+ <y:Point x="691.103216783217" y="467.8363636363635"/>
+ <y:Point x="817.5274592074595" y="456.72214452214445"/>
+ </y:Path>
+ <y:LineStyle color="#000000" type="line" width="1.0"/>
+ <y:Arrows source="standard" target="standard"/>
+ <y:EdgeLabel alignment="center" backgroundColor="#FFFFFF" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasLineColor="false" height="18.701171875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="33.34375" x="160.4999963748819" xml:space="preserve" y="-191.48229906486733">DF13<y:LabelModel><y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/></y:LabelModel><y:ModelParameter><y:SmartEdgeLabelModelParameter angle="0.0" distance="0.5921559499140859" distanceToCenter="true" position="left" ratio="0.12442805389270134" segment="-1"/></y:ModelParameter><y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
+ <y:BendStyle smoothed="false"/>
+ </y:PolyLineEdge>
+ </data>
+ </edge>
+ </graph>
+ <data key="d7">
+ <y:Resources/>
+ </data>
+</graphml>
diff --git a/docs/security/generic-data-flow.svg b/docs/security/generic-data-flow.svg
new file mode 100644
index 0000000..6e6c528
--- /dev/null
+++ b/docs/security/generic-data-flow.svg
@@ -0,0 +1,252 @@
+<?xml version="1.0" encoding="UTF-8"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" fill-opacity="1" color-rendering="auto" color-interpolation="auto" text-rendering="auto" stroke="black" stroke-linecap="square" width="1105" stroke-miterlimit="10" shape-rendering="auto" stroke-opacity="1" fill="black" stroke-dasharray="none" font-weight="normal" stroke-width="1" height="803" font-family="'Dialog'" font-style="normal" stroke-linejoin="miter" font-size="12px" stroke-dashoffset="0" image-rendering="auto">
+ <!--Generated by ySVG 2.5-->
+ <defs id="genericDefs"/>
+ <g>
+ <defs id="defs1">
+ <clipPath clipPathUnits="userSpaceOnUse" id="clipPath1">
+ <path d="M0 0 L1105 0 L1105 803 L0 803 L0 0 Z"/>
+ </clipPath>
+ <clipPath clipPathUnits="userSpaceOnUse" id="clipPath2">
+ <path d="M332 -58 L1524 -58 L1524 808.2226 L332 808.2226 L332 -58 Z"/>
+ </clipPath>
+ </defs>
+ <g stroke-linecap="butt" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" fill="red" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" stroke-dasharray="6,2" stroke="red" stroke-miterlimit="1.45">
+ <rect fill="none" x="999.8344" width="167.68" height="12.4968" y="457.4259" clip-path="url(#clipPath2)"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" font-family="sans-serif" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <text x="1005.8344" xml:space="preserve" y="468.3882" clip-path="url(#clipPath2)" stroke="none">TB3</text>
+ </g>
+ <g stroke-linecap="butt" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" fill="red" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" stroke-dasharray="6,2" stroke="red" stroke-miterlimit="1.45">
+ <rect fill="none" x="583.5935" width="12.18" height="564.01" y="200.6221" clip-path="url(#clipPath2)"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" font-family="sans-serif" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <text x="578.6796" xml:space="preserve" y="233.5969" clip-path="url(#clipPath2)" stroke="none">TB1</text>
+ </g>
+ <g stroke-linecap="butt" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" fill="red" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" stroke-dasharray="6,2" stroke="red" stroke-miterlimit="1.45">
+ <rect fill="none" x="857.1073" width="12.18" height="315.4092" y="398.4487" clip-path="url(#clipPath2)"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" font-family="sans-serif" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <text x="852.1934" xml:space="preserve" y="578.4553" clip-path="url(#clipPath2)" stroke="none">TB2</text>
+ </g>
+ <g stroke-linecap="round" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-dashoffset="2" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" stroke-dasharray="0,4" stroke-miterlimit="1.45">
+ <rect fill="none" x="342.9416" width="200.68" height="342.987" y="329.3092" clip-path="url(#clipPath2)"/>
+ </g>
+ <g fill="rgb(204,255,204)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(204,255,204)">
+ <rect x="974.6587" width="149.1406" height="52" y="342.9801" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <rect fill="none" x="974.6587" width="149.1406" height="52" y="342.9801" clip-path="url(#clipPath2)"/>
+ <text x="1002.2104" xml:space="preserve" y="373.6939" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Trusted Service 1</text>
+ </g>
+ <g fill="rgb(204,255,204)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(204,255,204)">
+ <rect x="974.6587" width="149.1406" height="52" y="631.902" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <rect fill="none" x="974.6587" width="149.1406" height="52" y="631.902" clip-path="url(#clipPath2)"/>
+ <text x="1002.2104" xml:space="preserve" y="662.6158" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Trusted Service 2</text>
+ </g>
+ <g fill="rgb(204,204,204)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(204,204,204)">
+ <rect x="656.595" width="149.1406" height="95.371" y="434.9416" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <rect fill="none" x="656.595" width="149.1406" height="95.371" y="434.9416" clip-path="url(#clipPath2)"/>
+ <text x="718.1633" xml:space="preserve" y="487.341" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">SPM</text>
+ </g>
+ <g fill="rgb(255,221,86)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(255,221,86)">
+ <rect x="367.4203" width="149.1406" height="52" y="346.1595" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <rect fill="none" x="367.4203" width="149.1406" height="52" y="346.1595" clip-path="url(#clipPath2)"/>
+ <text x="407.6371" xml:space="preserve" y="376.8734" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">u-boot/EDK2</text>
+ </g>
+ <g fill="rgb(255,221,86)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(255,221,86)">
+ <rect x="367.4203" width="149.1406" height="52" y="415.1892" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <rect fill="none" x="367.4203" width="149.1406" height="52" y="415.1892" clip-path="url(#clipPath2)"/>
+ <text x="394.9721" xml:space="preserve" y="445.9031" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Operating system</text>
+ </g>
+ <g fill="rgb(255,221,86)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(255,221,86)">
+ <rect x="367.4203" width="149.1406" height="52" y="496.9892" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <rect fill="none" x="367.4203" width="149.1406" height="52" y="496.9892" clip-path="url(#clipPath2)"/>
+ <text x="380.9594" xml:space="preserve" y="527.7031" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">User-space application</text>
+ </g>
+ <g fill="rgb(204,204,204)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(204,204,204)">
+ <rect x="625.7735" width="149.1406" height="52" y="631.902" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <rect fill="none" x="625.7735" width="149.1406" height="52" y="631.902" clip-path="url(#clipPath2)"/>
+ <text x="662.671" xml:space="preserve" y="662.6158" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">FF-A Manifest</text>
+ </g>
+ <g fill="rgb(204,255,204)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(204,255,204)">
+ <path d="M993.5156 245.6201 L1105.9108 245.6201 L1093.4224 297.6201 L981.0273 297.6201 Z" fill-rule="evenodd" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <path fill="none" d="M993.5156 245.6201 L1105.9108 245.6201 L1093.4224 297.6201 L981.0273 297.6201 Z" fill-rule="evenodd" clip-path="url(#clipPath2)"/>
+ <text x="1014.7844" xml:space="preserve" y="261.6328" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Dedicated,</text>
+ <text x="990.1106" xml:space="preserve" y="276.334" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Physically protected</text>
+ <text x="1033.4729" xml:space="preserve" y="291.0351" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">HW</text>
+ </g>
+ <g fill="rgb(204,204,204)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(204,204,204)">
+ <rect x="691.3269" width="149.1406" height="52" y="554.354" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <rect fill="none" x="691.3269" width="149.1406" height="52" y="554.354" clip-path="url(#clipPath2)"/>
+ <text x="738.2117" xml:space="preserve" y="585.0678" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Debug-log</text>
+ </g>
+ <g fill="rgb(204,255,204)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(204,255,204)">
+ <path d="M1188.1769 356.8001 L1281.5972 356.8001 L1271.2172 381.1601 L1177.7968 381.1601 Z" fill-rule="evenodd" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <path fill="none" d="M1188.1769 356.8001 L1281.5972 356.8001 L1271.2172 381.1601 L1177.7968 381.1601 Z" fill-rule="evenodd" clip-path="url(#clipPath2)"/>
+ <text x="1187.6794" xml:space="preserve" y="373.6939" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Peripheral IFC2</text>
+ </g>
+ <g fill="rgb(221,213,95)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(221,213,95)">
+ <path d="M1372.0742 333.3651 L1513.7969 333.3651 L1498.0499 404.5951 L1356.3271 404.5951 Z" fill-rule="evenodd" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <path fill="none" d="M1372.0742 333.3651 L1513.7969 333.3651 L1498.0499 404.5951 L1356.3271 404.5951 Z" fill-rule="evenodd" clip-path="url(#clipPath2)"/>
+ <text x="1406.3774" xml:space="preserve" y="358.9928" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Dedicated,</text>
+ <text x="1371.3647" xml:space="preserve" y="373.6939" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Not physically protected</text>
+ <text x="1425.0659" xml:space="preserve" y="388.3951" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">HW</text>
+ </g>
+ <g fill="rgb(188,221,95)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(188,221,95)">
+ <path d="M1102.743 490.9227 L1230.5972 490.9227 L1216.3912 542.9227 L1088.5371 542.9227 Z" fill-rule="evenodd" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <path fill="none" d="M1102.743 490.9227 L1230.5972 490.9227 L1216.3912 542.9227 L1088.5371 542.9227 Z" fill-rule="evenodd" clip-path="url(#clipPath2)"/>
+ <text x="1119.2048" xml:space="preserve" y="506.9354" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Non dedicated,</text>
+ <text x="1106.2087" xml:space="preserve" y="521.6366" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Physically protected</text>
+ <text x="1149.571" xml:space="preserve" y="536.3378" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">HW</text>
+ </g>
+ <g fill="rgb(221,213,95)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(221,213,95)">
+ <path d="M1372.0742 481.3077 L1513.7969 481.3077 L1498.0499 552.5378 L1356.3271 552.5378 Z" fill-rule="evenodd" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <path fill="none" d="M1372.0742 481.3077 L1513.7969 481.3077 L1498.0499 552.5378 L1356.3271 552.5378 Z" fill-rule="evenodd" clip-path="url(#clipPath2)"/>
+ <text x="1394.6997" xml:space="preserve" y="506.9354" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Non dedicated,</text>
+ <text x="1371.3647" xml:space="preserve" y="521.6366" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Not physically protected</text>
+ <text x="1425.0659" xml:space="preserve" y="536.3378" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">HW</text>
+ <rect x="999.8344" y="563.9227" clip-path="url(#clipPath2)" fill="none" width="167.68" stroke-dasharray="6,2" height="12.4968" stroke="red"/>
+ <text x="1007.5856" xml:space="preserve" y="574.885" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">TB4</text>
+ <rect x="1318.6322" y="307.6919" clip-path="url(#clipPath2)" fill="none" width="12.18" stroke-dasharray="6,2" height="355.147" stroke="red"/>
+ <text x="1313.7183" xml:space="preserve" y="489.9792" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">TB5</text>
+ <path fill="none" d="M966.9668 392.4953 L789 443.3683 L670 453.0932 L551.6387 448.2875" clip-path="url(#clipPath2)"/>
+ <path d="M974.6587 390.2965 L961.7466 388.7872 L966.0053 392.7701 L964.4951 398.4021 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <path d="M543.6453 447.963 L555.4326 453.4457 L552.6379 448.3281 L555.8383 443.4539 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <rect x="881.3447" y="403.8084" clip-path="url(#clipPath2)" fill="white" width="26.6699" height="18.7012" stroke="none"/>
+ <text x="883.3447" xml:space="preserve" y="417.8729" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">DF2</text>
+ <path fill="none" d="M966.6587 368.9801 L551.6295 368.9801" clip-path="url(#clipPath2)"/>
+ <path d="M974.6587 368.9801 L962.6587 363.9801 L965.6587 368.9801 L962.6587 373.9801 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <path d="M543.6295 368.9801 L555.6295 373.9801 L552.6295 368.9801 L555.6295 363.9801 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <rect x="745.8052" y="359.6295" clip-path="url(#clipPath2)" fill="white" width="26.6699" height="18.7012" stroke="none"/>
+ <text x="747.8052" xml:space="preserve" y="373.6939" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">DF1</text>
+ <path fill="none" d="M988.196 398.4595 L770.0981 503.8027 L995.1298 628.0355" clip-path="url(#clipPath2)"/>
+ <path d="M995.3997 394.9801 L982.4195 395.697 L987.2955 398.8945 L986.7689 404.7016 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <path d="M1002.1334 631.902 L994.0445 621.725 L994.2543 627.5522 L989.2114 630.4796 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <rect x="888.045" y="431.0419" clip-path="url(#clipPath2)" fill="white" width="26.6699" height="18.7012" stroke="none"/>
+ <text x="890.0449" xml:space="preserve" y="445.1063" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">DF3</text>
+ <path fill="none" d="M1049.229 623.902 L1049.229 402.9801" clip-path="url(#clipPath2)"/>
+ <path d="M1049.229 631.902 L1054.229 619.902 L1049.229 622.902 L1044.229 619.902 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <path d="M1049.229 394.9801 L1044.229 406.9801 L1049.229 403.9801 L1054.229 406.9801 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <rect x="1035.894" y="504.0904" clip-path="url(#clipPath2)" fill="white" width="26.6699" height="18.7012" stroke="none"/>
+ <text x="1037.894" xml:space="preserve" y="518.1549" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">DF5</text>
+ </g>
+ <g stroke-linecap="round" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-dashoffset="2" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" stroke-dasharray="0,8" stroke-width="2" stroke-miterlimit="1.45">
+ <path fill="none" d="M648.8088 530.3726 L551.4188 586.8336" clip-path="url(#clipPath2)"/>
+ <path d="M656.595 525.8586 L642.0945 527.7632 L647.8356 530.9368 L647.737 537.4959 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <path d="M543.6326 591.3475 L558.1331 589.443 L552.3921 586.2693 L552.4907 579.7103 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <rect x="583.4364" y="549.2557" clip-path="url(#clipPath2)" fill="white" width="33.3438" height="18.7012" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" font-family="sans-serif" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <text x="585.4364" xml:space="preserve" y="563.3201" clip-path="url(#clipPath2)" stroke="none">DF12</text>
+ <path fill="none" d="M658.6537 624.0746 L691.1032 467.8364 L817.5275 456.7221 L973.0889 397.8132" clip-path="url(#clipPath2)"/>
+ <path d="M657.0269 631.9074 L664.3627 621.1749 L658.8571 623.0955 L654.5716 619.1414 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <path d="M980.5704 394.9801 L967.5775 394.5538 L972.1537 398.1674 L971.1188 403.9058 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <rect x="817.5269" y="440.4252" clip-path="url(#clipPath2)" fill="white" width="33.3438" height="18.7012" stroke="none"/>
+ <text x="819.5269" xml:space="preserve" y="454.4896" clip-path="url(#clipPath2)" stroke="none">DF13</text>
+ <path fill="none" d="M1047.2183 334.994 L1045.4813 305.6344" clip-path="url(#clipPath2)"/>
+ <path d="M1047.6908 342.9801 L1051.9733 330.7057 L1047.1592 333.9958 L1041.9907 331.2964 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <path d="M1045.0089 297.6483 L1040.7262 309.9227 L1045.5404 306.6326 L1050.7089 309.3322 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <path fill="none" d="M1013.0703 400.2091 L923 478 L754.0339 478 L761.9626 546.4072" clip-path="url(#clipPath2)"/>
+ <path d="M1019.1248 394.9801 L1006.7749 399.0396 L1012.3135 400.8628 L1013.3112 406.6077 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <path d="M762.8837 554.3539 L766.4688 541.8581 L761.8475 545.4138 L756.5353 543.0094 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <rect x="949.4195" y="434.3147" clip-path="url(#clipPath2)" fill="white" width="26.6699" height="18.7012" stroke="none"/>
+ <text x="951.4195" xml:space="preserve" y="448.3792" clip-path="url(#clipPath2)" stroke="none">DF4</text>
+ <path fill="none" d="M1131.7993 368.9801 L1174.979 368.9801" clip-path="url(#clipPath2)"/>
+ <path d="M1123.7993 368.9801 L1135.7993 373.9801 L1132.7993 368.9801 L1135.7993 363.9801 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <path d="M1182.979 368.9801 L1170.979 363.9801 L1173.979 368.9801 L1170.979 373.9801 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <rect x="1137.4631" y="359.6295" clip-path="url(#clipPath2)" fill="white" width="26.6699" height="18.7012" stroke="none"/>
+ <text x="1139.4631" xml:space="preserve" y="373.6939" clip-path="url(#clipPath2)" stroke="none">DF8</text>
+ <path fill="none" d="M1284.4005 368.9801 L1356.2144 368.9801" clip-path="url(#clipPath2)"/>
+ <path d="M1276.4005 368.9801 L1288.4005 373.9801 L1285.4005 368.9801 L1288.4005 363.9801 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <path d="M1364.2144 368.9801 L1352.2144 363.9801 L1355.2144 368.9801 L1352.2144 373.9801 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <rect x="1302.2903" y="359.6295" clip-path="url(#clipPath2)" fill="white" width="33.3438" height="18.7012" stroke="none"/>
+ <text x="1304.2903" xml:space="preserve" y="373.6939" clip-path="url(#clipPath2)" stroke="none">DF11</text>
+ <path fill="none" d="M1074.5087 625.6021 L1134.2703 549.2445" clip-path="url(#clipPath2)"/>
+ <path d="M1069.578 631.902 L1080.9114 625.5338 L1075.125 624.8146 L1073.0365 619.3705 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <path d="M1139.2009 542.9446 L1127.8676 549.3128 L1133.6539 550.032 L1135.7423 555.4761 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <rect x="1091.0631" y="578.0618" clip-path="url(#clipPath2)" fill="white" width="26.6699" height="18.7012" stroke="none"/>
+ <text x="1093.0631" xml:space="preserve" y="592.1262" clip-path="url(#clipPath2)" stroke="none">DF7</text>
+ <path fill="none" d="M1073.4031 401.3929 L1135.4004 484.5197" clip-path="url(#clipPath2)"/>
+ <path d="M1068.6202 394.9801 L1071.7865 407.5886 L1074.001 402.1945 L1079.8025 401.61 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <path d="M1140.1832 490.9325 L1137.017 478.324 L1134.8025 483.718 L1129.001 484.3025 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <rect x="1091.6177" y="433.6008" clip-path="url(#clipPath2)" fill="white" width="26.6699" height="18.7012" stroke="none"/>
+ <text x="1093.6177" xml:space="preserve" y="447.6653" clip-path="url(#clipPath2)" stroke="none">DF6</text>
+ <path fill="none" d="M1124.5065 397.8442 L1362.2559 489.0061" clip-path="url(#clipPath2)"/>
+ <path d="M1117.0367 394.9801 L1126.4512 403.9449 L1125.4402 398.2022 L1130.0314 394.6078 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <path d="M1369.7256 491.8703 L1360.3112 482.9055 L1361.3221 488.6481 L1356.731 492.2426 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <rect x="1226.7283" y="432.8024" clip-path="url(#clipPath2)" fill="white" width="26.6699" height="18.7012" stroke="none"/>
+ <text x="1228.7283" xml:space="preserve" y="446.8669" clip-path="url(#clipPath2)" stroke="none">DF9</text>
+ <path fill="none" d="M1127.9001 629.1564 L1350.4539 547.8376" clip-path="url(#clipPath2)"/>
+ <path d="M1120.386 631.902 L1133.3732 632.4799 L1128.8394 628.8132 L1129.9412 623.0873 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <path d="M1357.968 545.0921 L1344.9808 544.5142 L1349.5146 548.1808 L1348.4128 553.9068 Z" clip-path="url(#clipPath2)" stroke="none"/>
+ <rect x="1223.3914" y="578.8226" clip-path="url(#clipPath2)" fill="white" width="33.3438" height="18.7012" stroke="none"/>
+ <text x="1225.3914" xml:space="preserve" y="592.887" clip-path="url(#clipPath2)" stroke="none">DF10</text>
+ </g>
+ <g fill="rgb(235,235,235)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(235,235,235)">
+ <rect x="747.7326" width="475.4228" height="22.3765" y="-14.1108" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g font-size="15px" stroke-linecap="butt" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" text-rendering="geometricPrecision" font-family="sans-serif" shape-rendering="geometricPrecision" stroke-miterlimit="1.45">
+ <text x="949.1744" xml:space="preserve" y="2.9698" clip-path="url(#clipPath2)" stroke="none">Color code</text>
+ <rect x="747.7326" y="-14.1108" clip-path="url(#clipPath2)" fill="none" width="475.4228" stroke-dasharray="6,2" rx="4" ry="4" height="188.8418"/>
+ </g>
+ <g fill="rgb(204,255,204)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(204,255,204)">
+ <rect x="762.8989" width="200.5968" height="30" y="23.2657" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <rect fill="none" x="762.8989" width="200.5968" height="30" y="23.2657" clip-path="url(#clipPath2)"/>
+ <text x="807.8292" xml:space="preserve" y="42.9795" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Isolated components</text>
+ </g>
+ <g fill="rgb(221,213,95)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(221,213,95)">
+ <rect x="762.8158" width="200.68" height="30" y="128.8507" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <rect fill="none" x="762.8158" width="200.68" height="30" y="128.8507" clip-path="url(#clipPath2)"/>
+ <text x="789.4507" xml:space="preserve" y="148.5646" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Exposed to physical access</text>
+ </g>
+ <g fill="rgb(188,221,95)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(188,221,95)">
+ <rect x="762.7326" width="200.7632" height="30" y="76.0582" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <rect fill="none" x="762.7326" width="200.7632" height="30" y="76.0582" clip-path="url(#clipPath2)"/>
+ <text x="812.079" xml:space="preserve" y="95.7721" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Isolated but shared</text>
+ </g>
+ <g fill="rgb(204,204,204)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(204,204,204)">
+ <rect x="993.4958" width="200.7632" height="30" y="76.0582" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <rect fill="none" x="993.4958" width="200.7632" height="30" y="76.0582" clip-path="url(#clipPath2)"/>
+ <text x="1014.5092" xml:space="preserve" y="95.7721" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Out-of-scope, must be trusted</text>
+ </g>
+ <g fill="rgb(255,221,86)" text-rendering="geometricPrecision" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke="rgb(255,221,86)">
+ <rect x="993.4958" width="200.7632" height="30" y="23.2657" clip-path="url(#clipPath2)" stroke="none"/>
+ </g>
+ <g text-rendering="geometricPrecision" stroke-miterlimit="1.45" shape-rendering="geometricPrecision" transform="matrix(0.927,0,0,0.927,-307.7685,53.7668)" stroke-linecap="butt">
+ <rect fill="none" x="993.4958" width="200.7632" height="30" y="23.2657" clip-path="url(#clipPath2)"/>
+ <text x="1060.1918" xml:space="preserve" y="42.9795" clip-path="url(#clipPath2)" font-family="sans-serif" stroke="none">Non-isolated</text>
+ </g>
+ </g>
+</svg>
diff --git a/docs/security/index.rst b/docs/security/index.rst
index ac271be..513c3fd 100644
--- a/docs/security/index.rst
+++ b/docs/security/index.rst
@@ -6,14 +6,15 @@
:caption: Contents:
self
+ threat-model
-TODO:
-SDL
-Threat Modell
-etc..
+The security model of Trusted Services build on the `Platform Security Model`_ v1.1 beta. For a concept level overview
+please refer to this document.
--------------
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
+.. _`Platform Security Model`: https://developer.arm.com/documentation/den0128/1-1/?lang=en
+
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/security/threat-model.rst b/docs/security/threat-model.rst
new file mode 100644
index 0000000..3bd9dd0
--- /dev/null
+++ b/docs/security/threat-model.rst
@@ -0,0 +1,439 @@
+Generic Threat Model
+====================
+
+Threat modeling is a process to identify security requirements, pinpoint security threats and potential vulnerabilities,
+quantify threat and vulnerability criticality and prioritize remediation methods.
+
+In the next sections you can find the output of this process the for a generic, use-case and service independent
+assessment.
+
+Target evaluation
+-----------------
+
+In this threat model, the target of evaluation is the S-EL0 SPs part of the PSA RoT hosting a "generalized" trusted
+service.
+
+This evaluation is based on the following assumptions:
+
+ * The implementation is based on the |FF-A| standard.
+ * Trusted boot is enabled. This means an attacker can’t boot arbitrary images that are not approved by platform
+ providers.
+ * Each trusted service is running in an S-EL0 secure partition. Access to memory and hardware is controlled by the
+ SPM based on the FF-A manifest or FF-A framework messages.
+ * Components running at higher privilege levels than S-EL0 are to be inherently trusted. (I.e. the SPM).
+
+Data flow diagram
+-----------------
+
+The data flow diagram visualizes the connection between components and where the data flow crosses security boundaries.
+
+.. image:: ./generic-data-flow.svg
+ :target: Attachments_
+
+.. table:: List of data flows
+
+ +-----------+---------------------------------------------------------------------------------+----------+
+ | Data flow | Description | In scope |
+ +-----------+---------------------------------------------------------------------------------+----------+
+ | DF1 | Trusted Service interacts with NWd client directly. | Yes |
+ +-----------+---------------------------------------------------------------------------------+----------+
+ | DF2 | Trusted Service interacts with NWd client through SPM. | Yes |
+ +-----------+---------------------------------------------------------------------------------+----------+
+ | DF3 | Trusted Services interact through SPM. | Yes |
+ +-----------+---------------------------------------------------------------------------------+----------+
+ | DF4 | Trusted Service logs debug information. | Yes |
+ +-----------+---------------------------------------------------------------------------------+----------+
+ | DF5 | Trusted Services interact directly. | Yes |
+ +-----------+---------------------------------------------------------------------------------+----------+
+ | DF6, DF7 | Trusted Services interacts with shared hardware. | Yes |
+ +-----------+---------------------------------------------------------------------------------+----------+
+ | DF8 | Trusted Service interacts with dedicated peripheral interface. | Yes |
+ +-----------+---------------------------------------------------------------------------------+----------+
+ | DF9, DF10 | Trusted Service interacts with shared, external hardware. | Yes |
+ +-----------+---------------------------------------------------------------------------------+----------+
+ | DF11 | Trusted Service interacts with dedicated, external hardware. | Yes |
+ +-----------+---------------------------------------------------------------------------------+----------+
+ | DF12 | NWd interacts with more privileged software. | No |
+ +-----------+---------------------------------------------------------------------------------+----------+
+ | DF13 | FF-A manifest and other data is handed over to a Trussed Service | No |
+ +-----------+---------------------------------------------------------------------------------+----------+
+
+Trust boundaries
+----------------
+
+.. list-table:: List of trust boundaries
+
+ * - Trust boundary
+ - Description
+ * - TB1
+ - Trust boundary between TEE and normal world.
+ * - TB2
+ - Trust boundary between higher privilege level SW and Trusted Services.
+ * - TB3, TB4
+ - Trust boundary between trusted services.
+ * - TB5
+ - Trust boundary to physically accessible external hardware.
+
+Assets
+------
+
+The above dataflow identifies the following generalized assets.
+
+.. table::
+
+ +----------------------+----------------------------------------------------------------------------------+
+ | Asset | Description |
+ +----------------------+----------------------------------------------------------------------------------+
+ | ``availability`` | Availability of a trusted service to clients. |
+ +----------------------+----------------------------------------------------------------------------------+
+ | ``code execution`` | Code or code flow of a trusted service. |
+ +----------------------+----------------------------------------------------------------------------------+
+ | ``sensitive data`` | Data that an attacker must not tamper with. These include device identity key, |
+ | | Initial Attestation Key, Protected Storage Key, UEFI variables, tpm-event log, |
+ | | etc... |
+ +----------------------+----------------------------------------------------------------------------------+
+ |``sensitive hardware``| Hardware that an attacker must not be tamper with. Examples are control interface|
+ | | of storage medium, true random number generator, crypto accelerator. |
+ +----------------------+----------------------------------------------------------------------------------+
+
+Attackers and threat agents
+---------------------------
+
+This section identifies the generalized stakeholders interacting with secure services.
+
+.. list-table::
+ :widths: 20,70,10
+
+ * - Attacker/Threat agent
+ - Description
+ - In scope
+ * - ``NSClient``
+ - Client executing in the normal world.
+ - Yes
+ * - ``SClient``
+ - Client running in SWd.
+ - Yes
+ * - ``HPComponent``
+ - Components running at higher privilege level than the trusted service.
+ - No
+ * - ``AppDebug``
+ - Physical attacker using debug signals to access resources.
+ - Yes
+ * - ``PhysAcc``
+ - Physical attacker having access to the external device communication bus and to the external flash communication
+ bus using common hardware.
+ - Yes
+ * - ``AdvPhysAcc``
+ - Attackers who are able to use specialist hardware for attacks that require irreversible changes to the target
+ system (e.g., "rewiring" a chip using a Focused IonBeam FIB workstation).
+ - No
+
+
+
+Threat Priority
+---------------
+
+Threat priority calculation is based on `Common Vulnerability Scoring System`_ (CVSS) Version 3.1. The threat priority
+is represented by the `Severity Rating Scale`_ calculated from the CVSS score of each threat. The CVSS score is
+calculated using the `Vulnerability Calculator`_.
+
+For each threat the priority and a link to CVSS calculator capturing the calculator settings will be listed.
+
+Threat Types
+------------
+
+In this threat model we categorize threats using the `STRIDE threat analysis technique`_. In this technique a threat is
+categorized as one or more of these types: ``Spoofing``, ``Tampering``, ``Repudiation``, ``Information disclosure``,
+``Denial of service`` or ``Elevation of privilege``.
+
+.. list-table::
+ :widths: 15,80
+
+ * - **ID**
+ - 1
+ * - Description
+ - Information leak via debug logs.
+
+ During development it is common practice to help understanding code execution by emitting
+ debug logs.
+ * - Data flow
+ - DF4
+ * - Asset(s)
+ - ``Sensitive Data``
+ * - Threat Agent/Attacker
+ - ``AppDebug``
+ * - Threat type
+ - ``Information disclosure``
+ * - Impact
+ - Sensitive information may get to unauthorized people. Information can potentially help
+ compromising the target or other systems.
+ * - Scoring/CVSS
+ - Medium, 4.6 `CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N <https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N>`_
+ * - Mitigation
+ - Log messages are put to "verbosity categories". Release builds limit printed log messages
+ to "error" category.
+ * - Mitigation in place
+ - yes
+
+.. list-table::
+ :widths: 15,80
+
+ * - **ID**
+ - 2
+ * - Description
+ - An attacker can tamper with sensitive data and execute arbitrary code through hardware-assisted
+ debug interface.
+ * - Data flow
+ - N/A.
+ * - Asset(s)
+ - ``Sensitive Data``, ``Code Execution``, ``Sensitive Hardware``
+ * - Threat Agent/Attacker
+ - ``AppDebug``
+ * - Threat type
+ - ``Information disclosure``, ``Tampering``
+ * - Impact
+ - Sensitive information may get to unauthorized people. Information can potentially help
+ compromising the target or other systems.
+
+ An attacker may modify sensitive data and alter device behavior and thus compromise the
+ target or other systems.
+ * - Scoring/CVSS
+ - Medium, 6.8 `CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H <https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H>`_
+ * - Mitigation
+ - Hardware platform specific means to disable or limit access to debug functionality.
+ * - Mitigation in place
+ - yes
+
+.. list-table::
+ :widths: 15,80
+
+ * - **ID**
+ - 3
+ * - Description
+ - An attacker can perform a denial-of-service attack by using a broken service call that
+ causes the service to enter an unknown state.
+
+ Secure and non-secure clients access a trusted service through FF-A calls. Malicious code
+ can attempt to place the service into an inconsistent state by calling unimplemented
+ calls or by passing invalid arguments.
+ * - Data flow
+ - DF1, DF2, DF3, DF5
+ * - Asset(s)
+ - ``Availability``
+ * - Threat Agent/Attacker
+ - ``NSclient``, ``SClient``
+ * - Threat type
+ - ``Denial of service``
+ * - Impact
+ - The service or the whole system may temporarily or permanently enter an unusable state.
+ * - Scoring/CVSS
+ - Medium, 6.8 `CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H <https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H>`_
+ * - Mitigation
+ - The service must validate all inputs before usage. Input validation shall be checked during
+ code review and by testing.
+ * - Mitigation in place
+ - yes
+
+.. list-table::
+ :widths: 15,80
+
+ * - **ID**
+ - 4
+ * - Description
+ - Memory corruption due to memory overflows and lack of boundary checking when accessing
+ resources.
+
+ Allows an attacker to execute arbitrary code, modify memory content to change
+ program flow.
+ * - Data flow
+ - DF1, DF2, DF3, DF5
+ * - Asset(s)
+ - ``Code execution``, ``Sensitive Data``, ``Denial of service``
+ * - Threat Agent/Attacker
+ - ``SClient``, ``NSClient``, ``HSComponent``
+ * - Threat type
+ - ``Tampering``, ``Information disclosure``, ``Elevation of privilege``, ``Denial of service``
+ * - Impact
+ - The service or the whole system may temporarily or permanently enter an unusable state.
+
+ Malicious code might be executed in the context of the compromised service.
+ Leakage of sensitive data.
+ * - Scoring/CVSS
+ - High, 8.4 `CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H <https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H>`_
+ * - Mitigation
+ - The service must validate boundaries and sanity check incoming data. Validation shall be
+ checked during code reviews and by testing.
+ * - Mitigation in place
+ - yes
+
+.. list-table::
+ :widths: 15,80
+
+ * - **ID**
+ - 5
+ * - Description
+ - External devices connected to the system storing sensitive data. An attacker could eavesdrop external signals.
+ * - Data flow
+ - DF9, DF10, DF11
+ * - Asset(s)
+ - ``Sensitive Data``
+ * - Threat agent/Attacker
+ - ``PhysAcc``
+ * - Threat type
+ - ``Information disclosure``
+ * - Impact
+ - An attacker may get access to sensitive data, could tamper with sensitive data, or could attack the service
+ using the external device by injecting malicious data, which could lead to malfunction or execution of malicious
+ code.
+ * - Scoring/CVSS
+ - Medium, 5.9 `CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H <https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H>`_
+ * - Mitigation
+ - When designing the use case, storage services must be assessed to understand which protection type they can
+ implement (integrity, authenticity, confidentiality, rollback-protection). Sensitive data must be categorized
+ and mapped to the storage service which can provide the needed protection.
+
+ For example integrity can be safeguarded by using checksums. Authenticity by using digital signatures.
+ Confidentiality by using encryption. Rollback protection by using nonce values.
+ * - Mitigation in place
+ - yes
+
+.. list-table::
+ :widths: 15,80
+
+ * - **ID**
+ - 6
+ * - Description
+ - State of external devices connected to the system might be modified by an attacker.
+
+ This includes modifying signals, replacing the device, or modifying device content.
+ * - Data flow
+ - DF9, DF10, DF11
+ * - Asset(s)
+ - ``Sensitive Data``, ``Denial of service``, ``Code execution``
+ * - Threat agent/Attacker
+ - ``PhysAcc``
+ * - Threat type
+ - ``Tampering``, ``Denial of service``, ``Code execution``
+ * - Impact
+ - An attacker could tamper with sensitive data, or could attack the system by injecting malicious data, which
+ could lead to malfunction, execution of malicious code, or using old state with known vulnerability.
+ * - Scoring/CVSS
+ - High, 7.3 `CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H <https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H>`_
+ * - Mitigation
+ - When designing the use case, storage services must be assessed to understand which protection type they can
+ implement (integrity, authenticity, confidentiality, rollback-protection). Sensitive data must be categorized
+ and mapped to the storage service which can provide the needed protection.
+
+ For example integrity can be safeguarded by using checksums. Authenticity by using digital signatures.
+ Confidentiality by using encryption. Rollback protection by using hardware backed nonce values.
+ * - Mitigation in place
+ - yes
+
+
+.. list-table::
+ :widths: 15,80
+
+ * - ID
+ - 7
+ * - Description
+ - Invalid or conflicting access to shared hardware.
+
+ * - Data flow
+ - DF6, DF7, DF9, DF10
+ * - Asset(s)
+ - ``Sensitive Data``, ``Denial of service``, ``Code execution``
+ * - Threat Agent/Attacker
+ - ``SClient``, ``NSClient``, ``HPComponent``
+ * - Threat type
+ - ``Tampering``, ``Information disclosure``, ``Denial of service``, ``Code execution``
+ * - Impact
+ - A trusted service relying on shared hardware usage might get compromised or misbehaving if other stakeholders
+ affect shared hardware in unexpected way.
+
+ * - Scoring/CVSS
+ - High, 7.0 `CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H <https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H>`_
+ * - Mitigation
+ - Access to peripherals must be limited to the smallest possible set of services. Ideally each peripheral should be
+ dedicated to a single trusted service and sharing of peripherals should be avoided is possible. If sharing can
+ not be avoided, a strict handover process shall be implemented to allow proper context switches, where hardware
+ state can be controlled.
+ * - Mitigation in place
+ - yes
+
+.. list-table::
+ :widths: 15,80
+
+ * - **ID**
+ - 8
+ * - Description
+ - Unauthenticated access to hardware.
+
+ A trusted service relying on hardware usage might get compromised or misbehaving if hardware state is
+ maliciously altered.
+ * - Data flow
+ - DF6, DF7, DF9, DF10
+ * - Asset(s)
+ - ``Sensitive Data``, ``Denial of service``, ``Code execution``
+ * - Threat Agent/Attacker
+ - ``SClient``, ``NSClient``, ``HPComponent``
+ * - Threat type
+ - ``Tampering``, ``Information disclosure``, ``Denial of service``, ``Code execution``
+ * - Impact
+ - An attacker may get access to sensitive data of might make a trusted service or the system enter an unusable
+ state by tampering with hardware peripherals.
+ * - Scoring/CVSS
+ - Medium, 6.4 `CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H <https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H>`_
+ * - Mitigation
+ - Access to peripherals must be limited to the smallest possible set of services. Ideally each peripheral should be
+ dedicated to a single trusted service, and sharing of peripherals should be avoided is possible. If sharing can
+ not be avoided, a strict handover process shall be implemented to allow proper context switches, where register
+ values can be controlled.
+ * - Mitigation in place
+ - yes
+
+
+.. list-table::
+ :widths: 15,80
+
+ * - **ID**
+ - 9
+ * - Description
+ - Unauthenticated access to sensitive data.
+ * - Data flow
+ - DF1, DF2, DF3, DF5
+ * - Asset(s)
+ - ``Sensitive Data``, ``Denial of service``
+ * - Threat Agent/Attacker
+ - ``SClient``, ``NSClient``, ``HPComponent``
+ * - Threat type
+ - ``Tampering``, ``Information disclosure``, ``Denial of service``
+ * - Impact
+ - A trusted service may manage data of multiple clients. Different clients shall not be able to access each
+ other's data unless in response to explicit request.
+ * - Scoring/CVSS
+ - Medium, 6.8 `CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N <https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N>`_
+ * - Mitigation
+ - Trusted services must implement access control based on identification data provided by higher privileged
+ components (i.e. FF-A endpoint ID).
+ * - Mitigation in place
+ - yes
+
+
+--------------
+
+.. _Attachments:
+.. Rubric:: Attachments
+
+Source file of the `Data flow diagram`_. Please use the yEd_ for editing. :download:`./generic-data-flow.graphml`
+
+--------------
+
+.. _`Common Vulnerability Scoring System`: https://www.first.org/cvss/v3.1/specification-document
+.. _`Vulnerability Calculator`: https://www.first.org/cvss/calculator/3.1
+.. _`Severity Rating Scale`: https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale
+.. _`STRIDE threat analysis technique`: https://docs.microsoft.com/en-us/azure/security/develop/threat-modeling-tool-threats#stride-model
+.. _yEd: https://www.yworks.com/products/yed
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/developer/service-descriptions/attest-service-description.rst b/docs/services/attest-service-description.rst
similarity index 98%
rename from docs/developer/service-descriptions/attest-service-description.rst
rename to docs/services/attest-service-description.rst
index 2843ede..2e872f2 100644
--- a/docs/developer/service-descriptions/attest-service-description.rst
+++ b/docs/services/attest-service-description.rst
@@ -1,7 +1,7 @@
-Attestation Service Description
-===============================
-Service Overview
-----------------
+Attestation Service
+===================
+Overview
+--------
The Attestation service is responsible for reporting on the security state of a device.
Because information is signed, a remote party may verify that the information is intact
and authentic. The Attestation service can be used as part of an infrastructure for
@@ -264,6 +264,6 @@
--------------
-*Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/developer/service-descriptions/block-storage-service-description.rst b/docs/services/block-storage-service-description.rst
similarity index 100%
rename from docs/developer/service-descriptions/block-storage-service-description.rst
rename to docs/services/block-storage-service-description.rst
diff --git a/docs/developer/service-descriptions/crypto-service-description.rst b/docs/services/crypto-service-description.rst
similarity index 95%
rename from docs/developer/service-descriptions/crypto-service-description.rst
rename to docs/services/crypto-service-description.rst
index 717c73b..17a041d 100644
--- a/docs/developer/service-descriptions/crypto-service-description.rst
+++ b/docs/services/crypto-service-description.rst
@@ -1,7 +1,7 @@
-Crypto Service Description
-==========================
-Service Overview
-----------------
+Crypto Service
+==============
+Overview
+--------
The Crypto service provides a rich set of cryptographic operations with the backing
of a private key store. Clients identify keys using opaque key handles, enabling
cryptographic operations to be performed without exposing key values beyond the
@@ -80,6 +80,6 @@
--------------
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/developer/service-descriptions/image/block-storage-example-usage.svg b/docs/services/image/block-storage-example-usage.svg
similarity index 100%
rename from docs/developer/service-descriptions/image/block-storage-example-usage.svg
rename to docs/services/image/block-storage-example-usage.svg
diff --git a/docs/developer/service-descriptions/image/block-storage-layers.svg b/docs/services/image/block-storage-layers.svg
similarity index 100%
rename from docs/developer/service-descriptions/image/block-storage-layers.svg
rename to docs/services/image/block-storage-layers.svg
diff --git a/docs/developer/service-descriptions/image/smm-gateway-layers.svg b/docs/services/image/smm-gateway-layers.svg
similarity index 100%
rename from docs/developer/service-descriptions/image/smm-gateway-layers.svg
rename to docs/services/image/smm-gateway-layers.svg
diff --git a/docs/developer/service-descriptions/index.rst b/docs/services/index.rst
similarity index 88%
rename from docs/developer/service-descriptions/index.rst
rename to docs/services/index.rst
index 9814958..b479f8b 100644
--- a/docs/developer/service-descriptions/index.rst
+++ b/docs/services/index.rst
@@ -1,5 +1,5 @@
-Service Descriptions
-====================
+Services
+========
.. toctree::
:maxdepth: 1
diff --git a/docs/developer/service-descriptions/secure-storage-service-description.rst b/docs/services/secure-storage-service-description.rst
similarity index 97%
rename from docs/developer/service-descriptions/secure-storage-service-description.rst
rename to docs/services/secure-storage-service-description.rst
index defb2b5..03295bf 100644
--- a/docs/developer/service-descriptions/secure-storage-service-description.rst
+++ b/docs/services/secure-storage-service-description.rst
@@ -1,7 +1,7 @@
-Secure Storage Service Description
-==================================
-Service Overview
-----------------
+Secure Storage Service
+======================
+Overview
+--------
The Secure Storage service provides a generic persistent object store for valuable
assets such as cryptographic keys. The confidentiality and integrity of stored data
is typically achieved using keys that are bound to the device. The backend object
@@ -167,6 +167,6 @@
--------------
-*Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/developer/service-descriptions/uefi-smm-services.rst b/docs/services/uefi-smm-services.rst
similarity index 100%
rename from docs/developer/service-descriptions/uefi-smm-services.rst
rename to docs/services/uefi-smm-services.rst
diff --git a/docs/developer/service-descriptions/uml/AttestClaimsModel.puml b/docs/services/uml/AttestClaimsModel.puml
similarity index 91%
rename from docs/developer/service-descriptions/uml/AttestClaimsModel.puml
rename to docs/services/uml/AttestClaimsModel.puml
index fb54f71..474d03e 100644
--- a/docs/developer/service-descriptions/uml/AttestClaimsModel.puml
+++ b/docs/services/uml/AttestClaimsModel.puml
@@ -1,5 +1,5 @@
'-------------------------------------------------------------------------------
-' Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+' Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
'
' SPDX-License-Identifier: BSD-3-Clause
'
diff --git a/docs/developer/service-descriptions/uml/AttestImportedIAKflow.puml b/docs/services/uml/AttestImportedIAKflow.puml
similarity index 88%
rename from docs/developer/service-descriptions/uml/AttestImportedIAKflow.puml
rename to docs/services/uml/AttestImportedIAKflow.puml
index fef117c..8abb3a6 100644
--- a/docs/developer/service-descriptions/uml/AttestImportedIAKflow.puml
+++ b/docs/services/uml/AttestImportedIAKflow.puml
@@ -1,5 +1,5 @@
'-------------------------------------------------------------------------------
-' Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+' Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
'
' SPDX-License-Identifier: BSD-3-Clause
'
diff --git a/docs/developer/service-descriptions/uml/AttestPartitioning.puml b/docs/services/uml/AttestPartitioning.puml
similarity index 84%
rename from docs/developer/service-descriptions/uml/AttestPartitioning.puml
rename to docs/services/uml/AttestPartitioning.puml
index 9e85862..326cb4d 100644
--- a/docs/developer/service-descriptions/uml/AttestPartitioning.puml
+++ b/docs/services/uml/AttestPartitioning.puml
@@ -1,5 +1,5 @@
'-------------------------------------------------------------------------------
-' Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+' Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
'
' SPDX-License-Identifier: BSD-3-Clause
'
diff --git a/docs/developer/service-descriptions/uml/AttestSelfGeneratedIAKflow.puml b/docs/services/uml/AttestSelfGeneratedIAKflow.puml
similarity index 89%
rename from docs/developer/service-descriptions/uml/AttestSelfGeneratedIAKflow.puml
rename to docs/services/uml/AttestSelfGeneratedIAKflow.puml
index 7fdae1b..d35e8a6 100644
--- a/docs/developer/service-descriptions/uml/AttestSelfGeneratedIAKflow.puml
+++ b/docs/services/uml/AttestSelfGeneratedIAKflow.puml
@@ -1,5 +1,5 @@
'-------------------------------------------------------------------------------
-' Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+' Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
'
' SPDX-License-Identifier: BSD-3-Clause
'
diff --git a/docs/developer/service-descriptions/uml/BlockStorageProvider.puml b/docs/services/uml/BlockStorageProvider.puml
similarity index 100%
rename from docs/developer/service-descriptions/uml/BlockStorageProvider.puml
rename to docs/services/uml/BlockStorageProvider.puml
diff --git a/docs/developer/service-descriptions/uml/CryptoProviderClassDiagram.puml b/docs/services/uml/CryptoProviderClassDiagram.puml
similarity index 93%
rename from docs/developer/service-descriptions/uml/CryptoProviderClassDiagram.puml
rename to docs/services/uml/CryptoProviderClassDiagram.puml
index 65c6d83..d0176b5 100644
--- a/docs/developer/service-descriptions/uml/CryptoProviderClassDiagram.puml
+++ b/docs/services/uml/CryptoProviderClassDiagram.puml
@@ -1,5 +1,5 @@
'-------------------------------------------------------------------------------
-' Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
+' Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.
'
' SPDX-License-Identifier: BSD-3-Clause
'
@@ -46,4 +46,4 @@
MbedCrypto ..> SecureStorage
MbedCrypto ..> EntropySource
-@enduml
\ No newline at end of file
+@enduml
diff --git a/docs/developer/service-descriptions/uml/InternalTrustedDeploymentDiagram.puml b/docs/services/uml/InternalTrustedDeploymentDiagram.puml
similarity index 86%
rename from docs/developer/service-descriptions/uml/InternalTrustedDeploymentDiagram.puml
rename to docs/services/uml/InternalTrustedDeploymentDiagram.puml
index 13d26b0..ccc2475 100644
--- a/docs/developer/service-descriptions/uml/InternalTrustedDeploymentDiagram.puml
+++ b/docs/services/uml/InternalTrustedDeploymentDiagram.puml
@@ -1,5 +1,5 @@
'-------------------------------------------------------------------------------
-' Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+' Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.
'
' SPDX-License-Identifier: BSD-3-Clause
'
@@ -17,4 +17,4 @@
[secure_storage_client] -> [secure_storage_provider]
-@enduml
\ No newline at end of file
+@enduml
diff --git a/docs/developer/service-descriptions/uml/ProtectedProxyDeploymentDiagram.puml b/docs/services/uml/ProtectedProxyDeploymentDiagram.puml
similarity index 87%
rename from docs/developer/service-descriptions/uml/ProtectedProxyDeploymentDiagram.puml
rename to docs/services/uml/ProtectedProxyDeploymentDiagram.puml
index a6d5c14..1ce52ed 100644
--- a/docs/developer/service-descriptions/uml/ProtectedProxyDeploymentDiagram.puml
+++ b/docs/services/uml/ProtectedProxyDeploymentDiagram.puml
@@ -1,5 +1,5 @@
'-------------------------------------------------------------------------------
-' Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+' Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
'
' SPDX-License-Identifier: BSD-3-Clause
'
@@ -22,4 +22,4 @@
[secure_storage_client:0] -> [secure_storage_provider:1]
[secure_storage_client:1] -> [secure_storage_provider:2]
-@enduml
\ No newline at end of file
+@enduml
diff --git a/docs/developer/service-descriptions/uml/SecureStorageClassDiagram.puml b/docs/services/uml/SecureStorageClassDiagram.puml
similarity index 88%
rename from docs/developer/service-descriptions/uml/SecureStorageClassDiagram.puml
rename to docs/services/uml/SecureStorageClassDiagram.puml
index 60177eb..8e6909c 100644
--- a/docs/developer/service-descriptions/uml/SecureStorageClassDiagram.puml
+++ b/docs/services/uml/SecureStorageClassDiagram.puml
@@ -1,5 +1,5 @@
'-------------------------------------------------------------------------------
-' Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+' Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
'
' SPDX-License-Identifier: BSD-3-Clause
'
@@ -25,4 +25,4 @@
its_frontend -d--> storage_backend
ps_frontend -d--> storage_backend
-@enduml
\ No newline at end of file
+@enduml
diff --git a/docs/developer/service-descriptions/uml/SmmGatewayOverview.puml b/docs/services/uml/SmmGatewayOverview.puml
similarity index 100%
rename from docs/developer/service-descriptions/uml/SmmGatewayOverview.puml
rename to docs/services/uml/SmmGatewayOverview.puml
diff --git a/docs/standards/ff-a.rst b/docs/standards/ff-a.rst
deleted file mode 100644
index c6a8e39..0000000
--- a/docs/standards/ff-a.rst
+++ /dev/null
@@ -1,20 +0,0 @@
-Firmware Framework for Armv8-A
-==============================
-
-|FF-A| is a standard which *"describes interfaces that standardize communication between the various software images. This
-includes communication between images in the Secure world and Normal world."*
-
-Trusted Services is the home of the FF-A S-EL0 Secure Partitions implementing PSA functionality. The component :ref:`libsp`
-captures helpful abstractions to allow easy FF-A compliant S-EL0 SP development. S-EL0 SPs are SPMC agonistic and can be used
-with an SPMC running in any higher secure exception level (S-EL1 - S-EL3). Currently the solution is tested with an SPMC
-running at S-SEL1 integrated into OP-TEE OS.
-
---------------
-
-.. _`PSA homepage`: https://developer.arm.com/architectures/security-architectures/platform-security-architecture
-.. _`www.psacertified.org`: https://www.psacertified.org/certified-products/
-.. _`Hafnium project`: https://www.trustedfirmware.org/projects/hafnium/
-
-*Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.*
-
-SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/standards/index.rst b/docs/standards/index.rst
deleted file mode 100644
index 3ea4651..0000000
--- a/docs/standards/index.rst
+++ /dev/null
@@ -1,15 +0,0 @@
-Standards Compliance
-====================
-
-.. toctree::
- :maxdepth: 1
- :caption: Contents:
-
- psa
- ff-a
-
---------------
-
-*Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.*
-
-SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/standards/psa.rst b/docs/standards/psa.rst
deleted file mode 100644
index eb22b3e..0000000
--- a/docs/standards/psa.rst
+++ /dev/null
@@ -1,21 +0,0 @@
-Platform Security Architecture
-==============================
-
-Trusted Services is the home of the |PSA| reference implementation. The PSA partitions are implemented based on the |FF-A|
-specification. For details on FF-A support in TS please see the :doc:`ff-a` page.
-
-For background information on |PSA| please visit the `PSA homepage`_. If you are looking for information on certified products
-please visit `www.psacertified.org`_
-
-For a list of PSA specific components refer to deployments targeting the ``opteesp`` environment on the
-:doc:`/developer/deployments/index` page.
-
---------------
-
-.. _`PSA homepage`: https://developer.arm.com/architectures/security-architectures/platform-security-architecture
-.. _`www.psacertified.org`: https://www.psacertified.org/certified-products/
-.. _`Hafnium project`: https://www.trustedfirmware.org/projects/hafnium/
-
-*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
-
-SPDX-License-Identifier: BSD-3-Clause
diff --git a/docs/target-platforms/aem-fvp.rst b/docs/target-platforms/aem-fvp.rst
new file mode 100644
index 0000000..a2d4ad6
--- /dev/null
+++ b/docs/target-platforms/aem-fvp.rst
@@ -0,0 +1,20 @@
+AEM FVP
+=======
+
+Arm `Fixed Virtual Platforms`_ are hardware emulators "running at speeds comparable to the real hardware".
+FVP packages are released in various different configurations. This platform supports the
+`Armv-A Base RevC AEM FVP`_
+
+Please see the following chapters of using the AEM FVP:
+
+ - :ref:`Running User-space Programs on FVP`
+
+--------------
+
+.. _`Fixed Virtual Platforms`: https://developer.arm.com/Tools%20and%20Software/Fixed%20Virtual%20Platforms
+.. _`Armv-A Base RevC AEM FVP`: https://developer.arm.com/-/media/Files/downloads/ecosystem-models/FVP_Base_RevC-2xAEMvA_11.18_16_Linux64.tgz
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
+
diff --git a/docs/target-platforms/index.rst b/docs/target-platforms/index.rst
new file mode 100644
index 0000000..49bffb1
--- /dev/null
+++ b/docs/target-platforms/index.rst
@@ -0,0 +1,39 @@
+Target Platforms
+================
+
+Target platforms are emulated or physically implemented hardware. This chapter discusses platform
+related information.
+
+Platforms can be categorized by level of support as:
+
+ - Reference platforms
+ Reference platforms are "easily" accessible for testing and quality gate-keeping of the main
+ branch includes tests executed on these platforms.
+
+ - Active
+ Platforms in this category are updated and tested by their owners for each release.
+
+ - Obsolete
+ Platforms which are not tested for the current release are put into this category.
+
+ - Deprecated Platforms not tested for more than one two are threated as obsolete, and will be
+ removed for the next release.
+
+The quality of the platform, known issues, feature limitations, extra features, etc... are defined
+in the sub-chapters below.
+
+
+Reference platforms
+-------------------
+
+.. toctree::
+ :maxdepth: 1
+
+ ./aem-fvp
+
+
+--------------
+
+*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
+
+SPDX-License-Identifier: BSD-3-Clause
diff --git a/version.txt b/version.txt
index 6c6aa7c..537aabf 100644
--- a/version.txt
+++ b/version.txt
@@ -1 +1 @@
-0.1.0
\ No newline at end of file
+1.0.0-beta
\ No newline at end of file
