TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / next / TF-M / trusted-firmware-m / refs/heads/feature-build-split-v2 / . / docs / glossary.rst
blob: f80c61484ffe8143b85d1e4eb29b4f9b3c19b5bd [file] [log] [blame]
Galanakis, Minos41f85972019-09-30 15:56:40 +0100[diff] [blame]1###################################
2Glossary of terms and abbreviations
3###################################
Gyorgy Szingdb9783c2019-04-17 21:08:48 +0200[diff] [blame]4
Gyorgy Szingdb9783c2019-04-17 21:08:48 +0200[diff] [blame]5.. glossary::
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]6 :sorted:
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]7
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]8 Application RoT
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]9 `PSA term`_. The security domain in which additional security services
10 are implemented.
11
12 HAL
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]13 Hardware Abstraction Layer:
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]14 Interface to abstract hardware-oriented operations and provides a set of
15 APIs to the upper layers.
16
17 RoT
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]18 Root of Trust:
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]19 `PSA term`_. This is the minimal set of software, hardware and data that
20 is implicitly trusted in the platform there is no software or hardware
21 at a deeper level that can verify that the Root of Trust is authentic
22 and unmodified.
23
24 RoT Service
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]25 `PSA term`_. A set of related security operations that are implemented
26 in a Secure Partition.
27
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]28 NSPE
29 Non Secure Processing Enviroment:
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]30 `PSA term`_. In TF-M this means non secure domain typically running an
31 OS using services provided by TF-M.
32
33 PSA
34 `PSA term`_. Platform Security Architecture.
35
36 PSA-FF
37 `PSA term`_. Platform Security Architecture Firmware Framework.
38
39 PSA-FF-M
40 `PSA term`_. Platform Security Architecture Firmware Framework for M.
41
42 PSA RoT
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]43 `PSA term`_. This defines the most trusted security domain within a PSA
44 system.
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]45
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]46 SFN
47 Secure Function:
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]48 The function entry to a secure service. Multiple SFN per SS are
49 permitted.
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]50
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]51 SP
Anton Komlev91281f02022-04-22 09:24:20 +0100[diff] [blame]52 Secure Partition
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]53 A logical container for secure services.
54
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]55 SPE
56 Secure Processing Environment:
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]57 `PSA term`_. In TF-M this means the secure domain protected by TF-M.
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]58
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]59 SPM
Anton Komlev91281f02022-04-22 09:24:20 +0100[diff] [blame]60 Secure Partition Manager
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]61 The TF-M component responsible for enumeration, management and isolation
62 of multiple Secure Partitions within the TEE.
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]63
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]64 SPRT
65 Secure Partition Runtime:
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]66 The TF-M component responsible for Secure Partition runtime
67 functionalities.
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]68
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]69 SPRTL
70 Secure Partition Runtime Library:
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]71 A library contains the SPRT code and data.
72
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]73 SS
74 Secure Service:
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]75 A component within the TEE that is atomic from a security/trust point of
76 view, i.e. which is viewed as a single entity from a TF-M point of view.
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]77
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]78 PS
Anton Komlev91281f02022-04-22 09:24:20 +0100[diff] [blame]79 Protected Storage
80 One of PSA services provided by TF-M.
Kevin Pengc6d74502020-03-04 16:55:37 +0800[diff] [blame]81
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]82 ITS
Anton Komlev91281f02022-04-22 09:24:20 +0100[diff] [blame]83 Internal Trusted Storage
84 One of PSA services provided by TF-M.
Gyorgy Szingdb9783c2019-04-17 21:08:48 +0200[diff] [blame]85
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]86 TFM
87 TF-M
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]88 Trusted Firmware-M or Trusted Firmware for M-class.
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]89 ARM TF-M provides a reference implementation of secure world software
90 for ARMv8-M.
91
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]92 TBSA-M
Anton Komlevfb835402022-08-09 13:04:04 +0100[diff] [blame]93 Trusted Base System Architecture for M.
94 TBSA term. See `Trusted Base System Architecture for M`_
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]95
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]96 MPC
97 Memory Protection Controller:
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]98 Bus slave-side security controller for memory regions.
99
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]100 PPC
101 Peripheral Protection Controller:
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]102 Bus slave-side security controller for peripheral access.
Gyorgy Szingdb9783c2019-04-17 21:08:48 +0200[diff] [blame]103
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]104 S/NS
105 Secure/Non-secure:
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]106 The separation provided by TrustZone hardware components in the system.
107
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]108 SAU
109 Secure Attribution Unit:
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]110 Hardware component providing isolation between Secure, Non-secure
111 Callable and Non-secure addresses.
Gyorgy Szingdb9783c2019-04-17 21:08:48 +0200[diff] [blame]112
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]113 AAPCS
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]114 ARM Architecture Procedure Call Standard:
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]115 The AAPCS defines how subroutines can be separately written, separately
116 compiled, and separately assembled to work together. It describes a
117 contract between a calling routine and a called routine
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]118
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]119 MPU
120 Memory Protection Unit:
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]121 Hardware component providing privilege control.
Gyorgy Szingdb9783c2019-04-17 21:08:48 +0200[diff] [blame]122
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]123 SVC
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]124 SuperVisor Call:
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]125 ARMv7M assembly instruction to call a privileged handler function
126
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame]127.. rubric:: Reference
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]128
Anton Komlevfb835402022-08-09 13:04:04 +0100[diff] [blame]129| `Firmware Framework for M (FF-M)`_
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]130
Anton Komlevfb835402022-08-09 13:04:04 +0100[diff] [blame]131.. _Firmware Framework for M (FF-M):
132 https://www.arm.com/architecture/security-features/platform-security
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]133
Anton Komlevfb835402022-08-09 13:04:04 +0100[diff] [blame]134.. _PSA term: `Firmware Framework for M (FF-M)`_
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]135
Anton Komlevfb835402022-08-09 13:04:04 +0100[diff] [blame]136| `Trusted Base System Architecture for M`_
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]137
Anton Komlevfb835402022-08-09 13:04:04 +0100[diff] [blame]138.. _Trusted Base System Architecture for M:
139 https://www.arm.com/architecture/security-features/platform-security
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]140
Gyorgy Szingdb9783c2019-04-17 21:08:48 +0200[diff] [blame]141--------------
142
Anton Komlevfb835402022-08-09 13:04:04 +0100[diff] [blame]143*Copyright (c) 2017-2022, Arm Limited. All rights reserved.*