Blame - docs/project/glossary.rst - TS/trusted-services

blob: 053d5a6cbcdcc034c8745be32ce9c632e74d6a04 [file] [log] [blame]

Julian Hall	e76ade8	2020-11-25 03:07:21 +0100	[diff] [blame]	1	Glossary
				2	========
				3
				4	This glossary provides definitions for terms and abbreviations used in the Trusted Services documentation.
				5
				6	You can find additional definitions in the `Arm Glossary`_.
				7
				8	.. glossary::
				9	:sorted:
				10
				11	TF-A
				12	Trusted Firmware-A
				13
				14	TS
				15	Trusted Services
				16
				17	C identifier like string
				18	A name which uses only alphanumeric characters and underscores and the first character is not a digit.
				19
				20	LCS
				21	`Linux Coding Style`_
				22
				23	ACLE
				24	`Arm C language extensions`_
				25
Gyorgy Szing	101ce2d	2021-03-19 12:47:53 +0100	[diff] [blame]	26	PSA
				27	`Platforn Security Arhitecture`_
				28
				29	FF-A
				30	`Firmware Framework for A`_
				31
Gyorgy Szing	30731ce	2023-09-27 12:24:18 +0200	[diff] [blame]	32	Normal World
				33	The rich execution environment running the "business logic" of the device. NWd is separated by hardware
				34	technology (e.g. see :term:`TrustZone`) from components which are managing sensitive information. See
				35	:term:`Secure World`.
				36
				37	NWd
				38	See :term:`Normal World`.
				39
				40	Secure World
				41	Hardware isolated execution environment executing specially crafted software managing sensitive data. On Arm
				42	devices :term:`TrustZone` technology can be used to implement the needed isolation.
				43
				44	SWd
				45	See :term:`Secure World`.
				46
Gyorgy Szing	e656524	2022-11-25 12:01:55 +0100	[diff] [blame]	47	TEE
				48	Trusted Execution Environment. An SPE implemented using TrustZone.
				49
				50	TrustZone
Gyorgy Szing	88acde3	2025-04-17 13:48:02 +0200	[diff] [blame]	51	Arm :sup:`®` TrustZone :sup:`®` ia a hardware assisted isolation technology built into arm CPUs. See `TrustZone
				52	for Cortex-A`_.
Gyorgy Szing	e656524	2022-11-25 12:01:55 +0100	[diff] [blame]	53
				54	SPE
				55	See :term:`Secure Processing Environment`.
				56
				57	Secure Processing Environment
				58	An isolated environment to execute software images backed by a specific set of hardware and arm architecture
Gyorgy Szing	30731ce	2023-09-27 12:24:18 +0200	[diff] [blame]	59	features. The aim of isolation is to protect sensitive workloads and their assets.
Gyorgy Szing	e656524	2022-11-25 12:01:55 +0100	[diff] [blame]	60
				61	SP
				62	see :term:`Secure Partition`
				63
				64	Secure Partition
				65	Secure Partition is a compartment to execute a software image isolated from other images. Isolation can be logical
				66	or physical based on if physical address range isolation is involved or not. See :term:`Physical SP` and :term:`Logical SP`.
				67
				68	An SP may host a single or multiple services.
				69
				70	Physical SP
				71	A Secure Partition which executes a software image in and isolated physical address space.
				72
				73	Logical SP
Gyorgy Szing	88acde3	2025-04-17 13:48:02 +0200	[diff] [blame]	74	A Secure Partition which executes a software image isolated without physical address space isolation.
Gyorgy Szing	e656524	2022-11-25 12:01:55 +0100	[diff] [blame]	75
				76	SPM
				77	See :term:`Secure Partition Manager`.
				78
				79	Secure Partition Manager
				80	A component responsible for creating and managing the physical isolation boundary of an :term:`SP` in the SWd. It
				81	is built from two sub-components the :term:`Secure Partition Manager Dispatcher` and the
				82	:term:`Secure Partition Manager Core`.
				83
Gyorgy Szing	88acde3	2025-04-17 13:48:02 +0200	[diff] [blame]	84	SPMD
				85	See :term:`Secure Partition Manager Dispatcher`.
				86
Gyorgy Szing	e656524	2022-11-25 12:01:55 +0100	[diff] [blame]	87	Secure Partition Manager Dispatcher
				88	The SPM component responsible for SPMC initialization boot-time, and forwarding FF-A calls run-time between SPs
				89	and between SPs and the SPMC.
				90
Gyorgy Szing	88acde3	2025-04-17 13:48:02 +0200	[diff] [blame]	91	SPMC
				92	See :term:`Secure Partition Manager Core`.
				93
Gyorgy Szing	e656524	2022-11-25 12:01:55 +0100	[diff] [blame]	94	Secure Partition Manager Core
				95	A component responsible for SP initialization and isolation at boot-time, inter partition isolation at run-time,
				96	inter-partition communication at run-time.
				97
				98	Secure Enclave
				99	An isolated hardware subsystem focusing on security related operations. The subsystem may include hardware
				100	peripherals and one or more processing elements. As an example see the `Arm SSE-700`_ subsystem.
Julian Hall	e76ade8	2020-11-25 03:07:21 +0100	[diff] [blame]	101
				102	--------------
				103
Gyorgy Szing	e656524	2022-11-25 12:01:55 +0100	[diff] [blame]	104	.. _`Arm Glossary`: https://developer.arm.com/documentation/aeg0014
Julian Hall	e76ade8	2020-11-25 03:07:21 +0100	[diff] [blame]	105	.. _`Linux Coding Style`: https://www.kernel.org/doc/html/v4.10/process/coding-style.html
				106	.. _`Arm C language extensions`: https://developer.arm.com/documentation/101028/0012/?lang=en
Gyorgy Szing	101ce2d	2021-03-19 12:47:53 +0100	[diff] [blame]	107	.. _`Platforn Security Arhitecture`: https://developer.arm.com/architectures/security-architectures/platform-security-architecture
				108	.. _`Firmware Framework for A`: https://developer.arm.com/docs/den0077/latest
Gyorgy Szing	e656524	2022-11-25 12:01:55 +0100	[diff] [blame]	109	.. _`TrustZone for Cortex-A`: https://www.arm.com/technologies/trustzone-for-cortex-a
				110	.. _`Arm SSE-700`: https://developer.arm.com/documentation/101418/0100/Overview/About-SSE-700
Gyorgy Szing	101ce2d	2021-03-19 12:47:53 +0100	[diff] [blame]	111
Gyorgy Szing	e656524	2022-11-25 12:01:55 +0100	[diff] [blame]	112	Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.
Julian Hall	e76ade8	2020-11-25 03:07:21 +0100	[diff] [blame]	113
				114	SPDX-License-Identifier: BSD-3-Clause