| Julian Hall | e76ade8 | 2020-11-25 03:07:21 +0100 | [diff] [blame] | 1 | Project Goals |
| 2 | ============= |
| 3 | |
| 4 | The trusted services project aims to make it easy to write new trusted services that can be deployed in different secure |
| 5 | processing environments without having to rewrite lots of code. The aim is to make component reuse as painless as possible by |
| 6 | keeping software components free of unnecessary dependencies on anything environment or platform specific. |
| 7 | |
| 8 | The project structure has been designed to help meet the following goals: |
| 9 | |
| 10 | - **Support multiple deployments** - allow for different deployments where common service code can be built to run in |
| 11 | different environments. |
| 12 | - **Support multiple processing environments** - allow support for new processing environments to be easily added. |
| 13 | - **Support multiple hardware platforms** - provide a portability model for different hardware. |
| 14 | - **Avoid the need for duplicated code** - by encouraging code sharing, code duplication can be minimized. |
| 15 | - **Avoid cross-talk between builds** - allow images for different deployments to be built independently without any nasty |
| 16 | cross dependencies. |
| 17 | - **Support and promote automated testing** - writing and running test cases that operate on individual components, |
| 18 | component assemblies or complete service deployments should be easy and accessible. |
| 19 | - **Support component sharing with deployment specific configuration** - where necessary, a deployment specific build |
| 20 | configuration may need to be applied to a shared component. |
| 21 | - **Control which versions of external components are used** - where external components such as libraries are used, it |
| 22 | should be possible to peg to a specific version. |
| 23 | |
| 24 | Enhancing Security through Reuse and Testing |
| 25 | -------------------------------------------- |
| 26 | |
| 27 | Reuse of common framework and service components across multiple deployments will help to shake out bugs that may present |
| 28 | security vulnerabilities. Repeated reuse of a piece of software in different contexts and by different people can help harden |
| 29 | the code through progressive improvements and bug fixes. Reuse of a common framework also creates opportunities for standard |
| 30 | solutions to security problems such as service discovery, client identification, authentication and access control. |
| 31 | |
| 32 | The confidence to reuse components needs to be underpinned by testing. A project structure that makes it easy to add tests, run |
| 33 | tests and live with an increasing suite of test cases is fundamentally important in meeting security goals. Although trusted |
| 34 | service code will be deployed in execution environments where test and debug can be somewhat awkward, a large amount of the code |
| 35 | can be tested effectively in a native PC environment. Where code can be tested on a PC, it should be. It should be easy for |
| 36 | anyone to build and run tests to give confidence that a component passes all tests before changes are made and that code changes |
| 37 | haven't broken anything. |
| 38 | |
| 39 | ---------------- |
| 40 | |
| 41 | *Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.* |
| 42 | |
| 43 | SPDX-License-Identifier: BSD-3-Clause |