Docs: Add configuration section to the doc

+ Rebase and include ARoT-less profile

Signed-off-by: Anton Komlev <anton.komlev@arm.com>
Change-Id: If802fa15297fe25585c7523ad0827395d982c554
diff --git a/docs/configuration/profiles/index.rst b/docs/configuration/profiles/index.rst
new file mode 100644
index 0000000..1b3e69b
--- /dev/null
+++ b/docs/configuration/profiles/index.rst
@@ -0,0 +1,86 @@
+TF-M Profiles
+=============
+
+The capabilities and resources may dramatically vary on different IoT devices.
+Some IoT devices may have very limited memory resource. The program on those devices should keep
+small memory footprint and basic functionalities.
+On the other hand, some devices may consist of more memory and extended storage, to support stronger
+software capabilities.
+
+Diverse IoT use cases also require different levels of security and requirements on device resource.
+For example, use cases require different cipher capabilities. Selecting cipher suites can be
+sensitive to memory footprint on devices with constrained resource.
+
+Trusted Firmware-M (TF-M) defines several general profiles, such as Profile Small, Profile Medium,
+Profile Medium ARoT-less and Profile Large, to provide different levels of security to fit diverse
+device capabilities and use cases applied on the top of the base configuration.
+
+Each profile specifies a predefined list of features, targeting typical use cases with specific
+hardware constraints. Profiles can serve as reference designs, based on which developers can
+continue further development and configurations, according to use case.
+
+TF-M Profiles align with Platform Security Architecture specifications and certification
+guidelines. It can help vendors to simplify security configuring for PSA certification.
+
+Please check the table below to compare differences while details are discussed
+in the links below.
+
+.. toctree::
+    :maxdepth: 1
+    :glob:
+
+     Small <tfm_profile_small>
+     ARoT-less <tfm_profile_medium_arot-less>
+     Medium <tfm_profile_medium>
+     Large <tfm_profile_large>
+
++----------------------------------------+--------+--------+---------+--------+--------+
+| Option                                 | Base   | Small  |ARoT-less| Medium | Large  |
++========================================+========+========+=========+========+========+
+| TFM_ISOLATION_LEVEL                    |   1    |   1    |   1     |   2    |   3    |
++----------------------------------------+--------+--------+---------+--------+--------+
+| CONFIG_TFM_SPM_BACKEND                 | SFN    | SFN    | SFN     | IPC    | IPC    |
++----------------------------------------+--------+--------+---------+--------+--------+
+| TFM_PARTITION_CRYPTO                   | OFF    | ON     | ON      | ON     | ON     |
++----------------------------------------+--------+--------+---------+--------+--------+
+| TFM_PARTITION_INTERNAL_TRUSTED_STORAGE | OFF    | ON     | ON      | ON     | ON     |
++----------------------------------------+--------+--------+---------+--------+--------+
+| TFM_PARTITION_PLATFORM                 | OFF    | OFF    | ON      | ON     | ON     |
++----------------------------------------+--------+--------+---------+--------+--------+
+| TFM_PARTITION_PROTECTED_STORAGE        | OFF    | OFF    | OFF     | ON     | ON     |
++----------------------------------------+--------+--------+---------+--------+--------+
+| TFM_PARTITION_INITIAL_ATTESTATION      | OFF    | ON     | ON      | ON     | ON     |
++----------------------------------------+--------+--------+---------+--------+--------+
+| SYMMETRIC_INITIAL_ATTESTATION          | OFF    | ON     | OFF     | ON     | ON     |
++----------------------------------------+--------+--------+---------+--------+--------+
+| TFM_PARTITION_FIRMWARE_UPDATE          | OFF    | OFF    | ON      | OFF    | OFF    |
++----------------------------------------+--------+--------+---------+--------+--------+
+| *Advanced options, defined in the corresponded header (.h) file*                     |
++----------------------------------------+--------+--------+---------+--------+--------+
+| CRYPTO_ENGINE_BUF_SIZE                 | 0x2080 | 0x400  | 0x2080  | 0x2080 | 0x2080 |
++----------------------------------------+--------+--------+---------+--------+--------+
+| CRYPTO_ASYM_SIGN_MODULE_DISABLED       | OFF    | ON     | OFF     | OFF    | OFF    |
++----------------------------------------+--------+--------+---------+--------+--------+
+| PS_CRYPTO_AEAD_ALG                     | GCM    | GCM    | CCM     | CCM    | GCM    |
++----------------------------------------+--------+--------+---------+--------+--------+
+| CRYPTO_ASYM_ENCRYPT_MODULE_DISABLED    | OFF    | ON     | ON      | ON     | OFF    |
++----------------------------------------+--------+--------+---------+--------+--------+
+| CRYPTO_SINGLE_PART_FUNCS_DISABLED      | OFF    | ON     | OFF     | OFF    | OFF    |
++----------------------------------------+--------+--------+---------+--------+--------+
+| CRYPTO_CONC_OPER_NUM                   | 8      | 4      | 8       | 8      | 8      |
++----------------------------------------+--------+--------+---------+--------+--------+
+| PSA_FRAMEWORK_HAS_MM_IOVEC             | OFF    | ON     | OFF     | OFF    | OFF    |
++----------------------------------------+--------+--------+---------+--------+--------+
+| CONFIG_TFM_CONN_HANDLE_MAX_NUM         | 8      | 3      | 8       | 8      | 8      |
++----------------------------------------+--------+--------+---------+--------+--------+
+| ITS_BUF_SIZE                           |        | 32     | 32      |        |        |
++----------------------------------------+--------+--------+---------+--------+--------+
+| MCUBOOT_IMAGE_NUMBER                   |        | 1      |         |        |        |
++----------------------------------------+--------+--------+---------+--------+--------+
+
+Each profile has predefined configuration for cryptographic library, located in
+``/lib/ext/mbedcrypto/mbedcrypto_config/``
+
+--------------
+
+Copyright (c) 2020, Arm Limited. All rights reserved.*
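Review bot: the comparison table leaves ``ITS_BUF_SIZE`` blank in the Base, Medium and Large columns, but ``tfm_profile_large.rst`` in this same change sets ``ITS_BUF_SIZE`` to ``64`` in its top-level config table; fill in the value (and the Medium one) or mark the cell as "default" so a blank is not read as "not applicable". The same applies to ``MCUBOOT_IMAGE_NUMBER``, which is only given for Small although the Large page states that multiple image boot is the default there. Two smaller points: the closing line ``Copyright (c) 2020, Arm Limited. All rights reserved.*`` has a trailing ``*`` without the opening one, so docutils will warn about an inline emphasis start-string and render the asterisk literally; match the sibling files (``*Copyright (c) 2021-2022, Arm Limited. All rights reserved.*``) and update the year, since this is a new file. In the toctree, ``:glob:`` is redundant when every entry is listed explicitly, and the entries are indented one space deeper than the options; align them.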
diff --git a/docs/configuration/profiles/tfm_profile_large.rst b/docs/configuration/profiles/tfm_profile_large.rst
new file mode 100644
index 0000000..841a2b1
--- /dev/null
+++ b/docs/configuration/profiles/tfm_profile_large.rst
@@ -0,0 +1,445 @@
+#######################################
+Trusted Firmware-M Profile Large Design
+#######################################
+
+************
+Introduction
+************
+
+As one of TF-M Profiles, Profile Large protects less resource-constrained Arm
+Cortex-M devices.
+
+Compared to Profile Small [1]_ and Profile Medium [2]_, Profile Large aims to
+enable more secure features to support higher level of security required in more
+complex usage scenarios.
+
+    - Isolation level 3 enables additional isolation between
+      :term:`Application RoT` (App RoT) services.
+    - More crypto algorithms and cipher suites are selected to securely connect
+      devices to remote services offered by various major Cloud Service
+      Providers (CSP)
+    - Basic software countermeasures against physical attacks can be enabled.
+
+Profile Large can be aligned as a reference implementation with the requirements
+defined in PSA Certified Level 3 Lightweight Protection Profile [3]_.
+
+**************
+Overall design
+**************
+
+TF-M Profile Large defines the following feature set:
+
+    - Firmware Framework
+
+        - Inter-Process Communication (IPC) model [4]_
+        - Isolation level 3 [4]_
+
+    - Internal Trusted Storage (ITS)
+
+    - Crypto
+
+        - Support both symmetric ciphers and asymmetric ciphers
+        - Asymmetric key based cipher suites defined in TLS 1.2 [5]_ to support
+          direct secure connection to major CSPs, including
+
+            - Authenticated Encryption with Associated Data (AEAD) algorithm
+            - Asymmetric key algorithm based signature and verification
+            - Public-key cryptography based key exchange
+            - Hash function
+            - HMAC for default Pseudorandom Function (PRF)
+
+        - Asymmetric digital signature and verification for Initial Attestation
+          Token (IAT)
+        - Asymmetric algorithms for firmware image signature verification
+        - Key derivation
+
+    - Initial Attestation
+
+        - Asymmetric key algorithm based Initial Attestation
+
+    - Secure boot
+        - Anti-rollback protection
+        - Multiple image boot
+
+    - Protected Storage (PS) if off-chip storage device is integrated
+
+        - Data confidentiality
+        - Data integrity
+        - Rollback protection
+
+    - Software countermeasures against physical attacks
+
+**************
+Design details
+**************
+
+More details of TF-M Profile Large design are described in following sections.
+
+Firmware framework
+==================
+
+Profile Large selects IPC model and isolation level 3 by default.
+
+Isolation level 3 supports additional isolation between App RoT services,
+compared to isolation level 2. It can protect :term:`RoT` services from each
+other when their vendors don't trust each other.
+
+Crypto service
+==============
+
+Profile Large supports direct connection to Cloud services via common protocols,
+such as TLS 1.2.
+
+In some usage scenarios, PSA RoT can be managed by device manufacturer or other
+vendors and is out of control of application developers.
+Profile Large selects alternative crypto algorithms for each crypto function to
+support multiple common cipher suites required by various major CSPs. Therefore,
+application developers can support services for diverse CSPs on same devices
+with Profile Large, without relying on PSA RoT upgrades of crypto.
+
+Devices meeting Profile Large should be in a position to offer at least two
+alternatives to every cryptographic primitive for symmetric, asymmetric and
+hash, and be able to use them for encryption, AEAD, signature and verification.
+
+It will cost more resource in Profile Large to support more crypto algorithms
+and cipher suites, compared to Profile Medium [2]_.
+
+Boot loader
+===========
+
+BL2 implementation can be device specific. Devices may implement diverse
+boot processes with different features and configurations.
+However, the boot loader must support anti-rollback protection. Boot loader must
+be able to prevent unauthorized rollback, to protect devices from being
+downgraded to earlier versions with known vulnerabilities.
+
+MCUBoot in TF-M is configured as multiple image boot by default in Profile
+Large. In multiple image boot, secure and non-secure images can be signed
+independently with different keys and they can be updated separately. It can
+support multiple vendors scenarios, in which non-secure and secure images are
+generated and updated by different vendors.
+Multiple image boot may cost larger memory footprint compared with single image
+boot.
+
+Boot loader can implement software countermeasures to mitigate physical attacks.
+
+Protected Storage
+=================
+
+PS service is required if an off-chip storage device is integrated and used on
+the platform.
+
+Anti-rollback protection in PS relies on non-volatile counter(s) provided by
+TF-M Platform :term:`Secure Partition` (SP).
+
+Software countermeasures against physical attacks
+=================================================
+
+TF-M Profile Large enables TF-M Fault Injection Hardening (FIH) library Profile
+Medium by default. It enables the following countermeasure techniques:
+
+    - Control flow monitor
+    - Failure loop hardening
+    - Complex constants
+    - Redundant variables and condition checks
+
+Refer to TF-M physical attack mitigation design document [6]_ for FIH library
+details.
+
+.. note ::
+
+    **TF-M FIH library is still under development**.
+
+    TF-M FIH library hardens TF-M critical execution steps to make physical
+    attacks more difficult, together with device hardware countermeasures.
+    It is not guaranteed that TF-M FIH library is able to mitigate all kinds of
+    physical attacks.
+
+.. note ::
+
+    **Implementation note**
+
+    TF-M FIH library doesn't cover platform specific critical configurations.
+    Platforms shall implement software countermeasures against physical attacks
+    to protect platform specific implementation.
+
+**************
+Implementation
+**************
+
+Overview
+========
+
+The basic idea is to add dedicated profile CMake configuration files under
+folder ``config/profile`` for TF-M Profile Large default configuration, the
+same as other TF-M Profiles do.
+
+The top-level Profile Large config file collects all the necessary configuration
+flags and set them to default values, to explicitly enable the features required
+in Profile Large and disable the unnecessary ones, during TF-M build.
+
+A platform/use case can provide a configuration extension file to overwrite
+Profile Large default setting and append other configurations.
+This configuration extension file can be added via parameter
+``TFM_EXTRA_CONFIG_PATH`` in build command line.
+
+The behaviour of the Profile Large build flow (particularly the order of
+configuration loading and overriding) can be found at
+:ref:`tfm_cmake_configuration`
+
+The details of configurations will be covered in each module in
+`Implementation details`_.
+
+Implementation details
+======================
+
+This section discusses the details of Profile Large implementation.
+
+Top-level configuration files
+-----------------------------
+
+The firmware framework configurations in ``config/profile/profile_large`` are
+shown below.
+
+.. table:: Config flags in Profile Large top-level CMake config file
+   :widths: auto
+   :align: center
+
+   +--------------------------------------------+------------------------------------+----------------------------------------------------------------------------------------------------+
+   | Configs                                    | Descriptions                       | Default value                                                                                      |
+   +============================================+====================================+====================================================================================================+
+   | ``TFM_ISOLATION_LEVEL``                    | Select level 3 isolation           | ``3``                                                                                              |
+   +--------------------------------------------+------------------------------------+----------------------------------------------------------------------------------------------------+
+   | ``TFM_PARTITION_INTERNAL_TRUSTED_STORAGE`` | Enable ITS SP                      | ``ON``                                                                                             |
+   +--------------------------------------------+------------------------------------+----------------------------------------------------------------------------------------------------+
+   | ``ITS_BUF_SIZE``                           | ITS internal transient buffer size | ``64``                                                                                             |
+   +--------------------------------------------+------------------------------------+----------------------------------------------------------------------------------------------------+
+   | ``TFM_PARTITION_CRYPTO``                   | Enable Crypto service              | ``ON``                                                                                             |
+   +--------------------------------------------+------------------------------------+----------------------------------------------------------------------------------------------------+
+   | ``TFM_MBEDCRYPTO_CONFIG_PATH``             | MbedTLS config file path           | ``${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_large.h`` |
+   +--------------------------------------------+------------------------------------+----------------------------------------------------------------------------------------------------+
+   | ``TFM_MBEDCRYPTO_PSA_CRYPTO_CONFIG_PATH``  | MbedTLS PSA config file path       | ``${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/crypto_config_profile_large.h``         |
+   +--------------------------------------------+------------------------------------+----------------------------------------------------------------------------------------------------+
+   | ``TFM_PARTITION_INITIAL_ATTESTATION``      | Enable Initial Attestation service | ``ON``                                                                                             |
+   +--------------------------------------------+------------------------------------+----------------------------------------------------------------------------------------------------+
+   | ``TFM_PARTITION_PROTECTED_STORAGE`` [a]_   | Enable PS service                  | ``ON``                                                                                             |
+   +--------------------------------------------+------------------------------------+----------------------------------------------------------------------------------------------------+
+   | ``TFM_PARTITION_PLATFORM``                 | Enable TF-M Platform SP            | ``ON``                                                                                             |
+   +--------------------------------------------+------------------------------------+----------------------------------------------------------------------------------------------------+
+
+.. [a] PS service is enabled by default. Platforms without off-chip storage
+       devices can turn off ``TFM_PARTITION_PROTECTED_STORAGE`` to disable PS
+       service. See `Protected Storage Secure Partition`_ for details.
+
+Crypto service configurations
+-----------------------------
+
+Crypto Secure Partition
+^^^^^^^^^^^^^^^^^^^^^^^
+
+TF-M Profile Large enables Crypto SP in top-level CMake config file and selects
+all the Crypto modules.
+
+MbedTLS configurations
+^^^^^^^^^^^^^^^^^^^^^^
+
+TF-M Profile Large adds a dedicated MbedTLS config file
+``tfm_mbedcrypto_config_profile_large.h`` and MbedTLS PSA config file
+``crypto_config_profile_large.h`` under
+``/lib/ext/mbedcrypto/mbedcrypto_config`` folder, instead of the common one
+``tfm_mbedcrypto_config_default.h`` and ``crypto_config_default.h`` [7]_.
+
+Major MbedTLS configurations are set as listed below:
+
+    - Enable SHA256 and SHA512
+    - Enable generic message digest wrappers
+    - Enable AES
+    - Enable CCM mode, GCM mode and CBC mode for symmetric ciphers
+    - Disable other modes for symmetric ciphers
+    - Enable ECDH
+    - Enable ECDSA
+    - Enable RSA
+    - Select ECC curve ``secp256r1`` and ``secp384r1``
+    - Enable HMAC-based key derivation function
+    - Other configurations required by selected option above
+
+A device/use case can append an extra config header to the Profile Large default
+MbedTLS config file to override the default settings. This can be done by
+setting the ``TFM_MBEDCRYPTO_PLATFORM_EXTRA_CONFIG_PATH`` cmake variable in the
+platform config file ``platform/ext<TFM_PLATFORM>/config.cmake``.
+This cmake variable is a wrapper around the ``MBEDTLS_USER_CONFIG_FILE``
+options, but is preferred as it keeps all configuration in cmake.
+
+Internal Trusted Storage configurations
+---------------------------------------
+
+ITS service is enabled in top-level Profile Large CMake config file by default.
+
+The internal transient buffer size ``ITS_BUF_SIZE`` [8]_ is set to 64 bytes by
+default. A platform/use case can overwrite the buffer size in its specific
+configuration extension according to its actual requirement of assets and Flash
+attributes.
+
+Profile Large CMake config file won't touch the configurations of device
+specific Flash hardware attributes.
+
+Protected Storage Secure Partition
+----------------------------------
+
+Data confidentiality, integrity and anti-rollback protection are enabled by
+default in PS.
+
+If PS is selected, AES-CCM is used as AEAD algorithm by default. If platform
+hardware crypto accelerator supports the AEAD algorithm, the AEAD operations can
+be executed in hardware crypto accelerator.
+
+If platforms don't integrate any off-chip storage device, platforms can disable
+PS in platform specific configuration extension file via
+``platform/ext<TFM_PLATFORM>/config.cmake``.
+
+BL2 setting
+-----------
+
+Profile Large enables MCUBoot provided by TF-M by default. A platform can
+overwrite this configuration by disabling MCUBoot in its configuration extension
+file ``platform/ext<TFM_PLATFORM>/config.cmake``.
+
+If MCUBoot provided by TF-M is enabled, multiple image boot is selected by
+default.
+
+If a device implements its own boot loader, the configurations are
+implementation defined.
+
+Software countermeasure against physical attacks
+------------------------------------------------
+
+Profile Large selects TF-M FIH library Profile Medium by specifying
+``-DTFM_FIH_PROFILE=MEDIUM`` in top-level CMake config file.
+
+System integrators shall implement software countermeasures in platform specific
+implementations.
+
+Device configuration extension
+------------------------------
+
+To change default configurations and add platform specific configurations,
+a platform can add a platform configuration file at
+``platform/ext<TFM_PLATFORM>/config.cmake``
+
+Test configuration
+------------------
+
+Some cryptography tests are disabled due to the reduced MbedTLS config.
+Profile Large specific test configurations are also specified in Profile Large
+top-level CMake config file ``config/profile/profile_large_test.cmake``.
+
+.. table:: Profile Large crypto test configuration
+   :widths: auto
+   :align: center
+
+   +--------------------------------------------+---------------+-----------------------------------------+
+   | Configs                                    | Default value | Descriptions                            |
+   +============================================+===============+=========================================+
+   | ``TFM_CRYPTO_TEST_ALG_CBC``                | ``ON``        | Test CBC cryptography mode              |
+   +--------------------------------------------+---------------+-----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_CCM``                | ``ON``        | Test CCM cryptography mode              |
+   +--------------------------------------------+---------------+-----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_CFB``                | ``OFF``       | Test CFB cryptography mode              |
+   +--------------------------------------------+---------------+-----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_ECB``                | ``OFF``       | Test ECB cryptography mode              |
+   +--------------------------------------------+---------------+-----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_CTR``                | ``OFF``       | Test CTR cryptography mode              |
+   +--------------------------------------------+---------------+-----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_OFB``                | ``OFF``       | Test OFB cryptography mode              |
+   +--------------------------------------------+---------------+-----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_GCM``                | ``ON``        | Test GCM cryptography mode              |
+   +--------------------------------------------+---------------+-----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_SHA_384``            | ``OFF``       | Test SHA-384 cryptography algorithm     |
+   +--------------------------------------------+---------------+-----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_SHA_512``            | ``ON``        | Test SHA-512 cryptography algorithm     |
+   +--------------------------------------------+---------------+-----------------------------------------+
+   | ``TFM_CRYPTO_TEST_HKDF``                   | ``ON``        | Test HMAC-based key derivation function |
+   +--------------------------------------------+---------------+-----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ECDH``                   | ``ON``        | Test ECDH key agreement algorithm       |
+   +--------------------------------------------+---------------+-----------------------------------------+
+   | ``TFM_CRYPTO_TEST_CHACHA20``               | ``OFF``       | Test ChaCha20 stream cipher             |
+   +--------------------------------------------+---------------+-----------------------------------------+
+   | ``TFM_CRYPTO_TEST_CHACHA20_POLY1305``      | ``OFF``       | Test ChaCha20-Poly1305 AEAD algorithm   |
+   +--------------------------------------------+---------------+-----------------------------------------+
+   | ``TFM_CRYPTO_TEST_SINGLE_PART_FUNCS``      | ``OFF``       | Test single-part operations in hash,    |
+   |                                            |               | MAC, AEAD and symmetric ciphers         |
+   +--------------------------------------------+---------------+-----------------------------------------+
+
+****************
+Platform support
+****************
+
+To enable Profile Large on a platform, the platform specific CMake file should
+be added into the platform support list in top-level Profile Large CMake config
+file.
+
+Building Profile Large
+======================
+
+To build Profile Large, argument ``TFM_PROFILE`` in build command line should be
+set to ``profile_large``.
+
+Take AN521 as an example:
+
+The following commands build Profile Large without test cases on **AN521** with
+build type **MinSizeRel**, built by **Armclang**.
+
+.. code-block:: bash
+
+   cd <TFM root dir>
+   mkdir build && cd build
+   cmake -DTFM_PLATFORM=arm/mps2/an521 \
+         -DTFM_TOOLCHAIN_FILE=../toolchain_ARMCLANG.cmake \
+         -DTFM_PROFILE=profile_large \
+         -DCMAKE_BUILD_TYPE=MinSizeRel \
+         ../
+   cmake --build ./ -- install
+
+The following commands build Profile Large with regression test cases on
+**AN521** with build type **MinSizeRel**, built by **Armclang**.
+
+.. code-block:: bash
+
+   cd <TFM root dir>
+   mkdir build && cd build
+   cmake -DTFM_PLATFORM=arm/mps2/an521 \
+         -DTFM_TOOLCHAIN_FILE=../toolchain_ARMCLANG.cmake \
+         -DTFM_PROFILE=profile_large \
+         -DCMAKE_BUILD_TYPE=MinSizeRel \
+         -DTEST_S=ON -DTEST_NS=ON \
+         ../
+   cmake --build ./ -- install
+
+More details of building instructions and parameters can be found TF-M build
+instruction guide [9]_.
+
+*********
+Reference
+*********
+
+.. [1] :doc:`Trusted Firmware-M Profile Small Design </configuration/profiles/tfm_profile_small>`
+
+.. [2] :doc:`Trusted Firmware-M Profile Medium Design </configuration/profiles/tfm_profile_medium>`
+
+.. [3] `PSA Certified Level 3 Lightweight Protection Profile <https://www.psacertified.org/app/uploads/2020/12/JSADEN009-PSA_Certified_Level_3_LW_PP-1.0-BET02.pdf>`_
+
+.. [4] `Arm Platform Security Architecture Firmware Framework 1.0 <https://developer.arm.com/-/media/Files/pdf/PlatformSecurityArchitecture/Architect/DEN0063-PSA_Firmware_Framework-1.0.0-2.pdf?revision=2d1429fa-4b5b-461a-a60e-4ef3d8f7f4b4>`_
+
+.. [5] `The Transport Layer Security (TLS) Protocol Version 1.2 <https://tools.ietf.org/html/rfc5246>`_
+
+.. [6] :doc:`Physical attack mitigation in Trusted Firmware-M </technical_references/design_docs/tfm_physical_attack_mitigation>`
+
+.. [7] :doc:`Crypto design </technical_references/design_docs/tfm_crypto_design>`
+
+.. [8] :doc:`ITS integration guide </integration_guide/services/tfm_its_integration_guide>`
+
+.. [9] :doc:`TF-M build instruction </building/tfm_build_instruction>`
+
+--------------
+
+*Copyright (c) 2021-2022, Arm Limited. All rights reserved.*
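Review bot: the platform config path is written as ``platform/ext<TFM_PLATFORM>/config.cmake`` in four places (MbedTLS configurations, Protected Storage Secure Partition, BL2 setting, Device configuration extension); there is no separator between ``ext`` and the placeholder, so a reader copying the path lands on a non-existent location. Correct it to ``platform/ext/<TFM_PLATFORM>/config.cmake`` (or whatever the actual directory is) in all four. Three further points: under "Overall design" the ``- Secure boot`` item has no blank line before its nested bullets, unlike every sibling item, so docutils parses it as a definition list rather than a sub-list; the FIH section says the profile selects the library "by specifying ``-DTFM_FIH_PROFILE=MEDIUM`` in top-level CMake config file", but the ``-D`` form is a command-line argument, not what goes into a CMake file (a ``set(TFM_FIH_PROFILE MEDIUM CACHE STRING ...)`` line is), so either drop the ``-D`` or say it is passed on the command line; and the sentence "More details of building instructions and parameters can be found TF-M build instruction guide" is missing "in".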
diff --git a/docs/configuration/profiles/tfm_profile_medium.rst b/docs/configuration/profiles/tfm_profile_medium.rst
new file mode 100644
index 0000000..9f98542
--- /dev/null
+++ b/docs/configuration/profiles/tfm_profile_medium.rst
@@ -0,0 +1,478 @@
+########################################
+Trusted Firmware-M Profile Medium Design
+########################################
+
+************
+Introduction
+************
+
+Compared with Profile Small, Profile Medium aims to securely connect devices to
+Cloud services with asymmetric cipher support.
+Profile Medium target devices need more resources for more cipher algorithms
+and higher isolation levels.
+
+**************
+Overall design
+**************
+
+TF-M Profile Medium defines the following feature set:
+
+    - Firmware Framework
+
+        - Inter-Process Communication (IPC) model [PSA-FF-M]_
+        - Isolation level 2 [PSA-FF-M]_
+
+    - Internal Trusted Storage (ITS)
+
+    - Crypto
+
+        - Support both symmetric cryptography and asymmetric cryptography
+        - Asymmetric key based cipher suite suggested in TLS/DTLS profiles for
+          IoT [RFC7925]_ and CoAP [RFC7252]_, including
+
+            - Authenticated Encryption with Associated Data (AEAD) algorithm
+            - Asymmetric key algorithm based signature and verification
+            - Public-key cryptography based key exchange
+            - Hash function
+            - HMAC for default Pseudorandom Function (PRF)
+
+        - Asymmetric digital signature and verification for Initial Attestation
+          Token (IAT)
+
+    - Initial Attestation
+
+        - Asymmetric key algorithm based Initial Attestation
+
+    - Lightweight boot
+
+        - Anti-rollback protection
+        - Multiple image boot
+
+    - Protected Storage (PS) if off-chip storage device is integrated
+
+        - Data confidentiality
+        - Data integrity
+        - Rollback protection
+
+**************
+Design details
+**************
+
+More details of TF-M Profile Medium design are described in following sections.
+
+Firmware framework
+==================
+
+Profile Medium with IPC model and isolation level 2 aims to support usage
+scenarios which require more complicated secure service model and additional
+protection to PSA RoT.
+
+Level 2 isolation
+-----------------
+
+Profile Medium selects isolation level 2 by default. In addition to isolation
+level 1, the PSA Root of Trust (PSA RoT) is also protected from access by the
+Application Root of Trust (App RoT) in level 2 isolation.
+
+IPC model
+---------
+
+Profile Medium enables IPC model by default. IPC model can achieve a more
+flexible framework and higher levels of isolation, but may require more memory
+footprint and bring in longer latency, compared to SFN model.
+
+TF-M IPC model implementation follows the PSA Firmware Framework for M
+(PSA-FF-M) [PSA-FF-M]_.
+
+Crypto service
+==============
+
+Compared to Profile Small, Profile Medium includes asymmetric cryptography to
+support direct connection to Cloud services via common protocols, such as
+TLS/DTLS 1.2.
+
+As suggested in CoAP [RFC7252]_ and [RFC7925]_, TF-M Profile Medium by default
+selects ``TLS_ECDHE_ECDSA_WITH_AES_128_CCM`` as reference, which requires:
+
+    - ECDHE_ECDSA as key exchange algorithm.
+    - AES-128-CCM (AES CCM mode with 128-bit key) as AEAD algorithm.
+      Platforms can implement AES-128-CCM with truncated authentication tag to
+      achieve less network bandwidth [RFC7925]_.
+    - SHA256 as Hash function.
+    - HMAC as Message Authentication Code algorithm.
+
+Applications can also support TLS PSK [RFC4279]_ cipher suites, such as
+``TLS_PSK_WITH_AES_128_CCM`` [RFC7925]_.
+
+.. note ::
+
+    **Implementation note**
+
+    Developers can replace default algorithms with others or implement more
+    algorithms according to actual usage scenarios and device capabilities.
+
+    If a Crypto hardware accelerator is integrated, the cipher suites and
+    algorithms also depend on those accelerator features.
+
+More details of cipher suite are described below.
+
+Digital signature and verification
+----------------------------------
+
+ECDSA is selected by default in Profile Medium.
+ECDSA requires much shorter keys compared with RSA at the same security level.
+Therefore, ECDSA can cost less storage area for assets and less network
+bandwidth to setup a TLS connection.
+ECDSA is also preferred for forward compatibility of future TLS versions.
+
+As requested in [RFC7251]_, ECC curve ``secp256r1`` should be supported. More
+ECC curves can be added based on the requirements in production.
+
+If usage scenarios require RSA algorithm for backward compatibility and legacy
+applications, platforms can add RSA support or replace ECDSA with RSA. The
+cipher suite should be switched accordingly.
+
+AEAD algorithm
+--------------
+
+If Protected Storage (PS) is implemented, it is recommended to select the same
+AEAD algorithm for PS service as the one used by TLS/DTLS cipher suite.
+
+Internal Trusted Storage
+========================
+
+The configuration of ITS is the same as those in Profile Small [PROFILE-S]_.
+
+Lightweight boot
+================
+
+BL2 implementation can be device specific. Devices may implement diverse
+boot processes with different features and configurations.
+However, the boot loader must support anti-rollback protection. Boot loader must
+be able to prevent unauthorized rollback, to protect devices from being
+downgraded to earlier versions with known vulnerabilities.
+
+MCUBoot in TF-M is configured as multiple image boot by default in Profile
+Medium. In multiple image boot, secure and non-secure images can be signed
+independently with different keys and they can be updated separately. It can
+support multiple vendors scenarios, in which non-secure and secure images are
+generated and updated by different vendors.
+Multiple image boot may require more storage area compared with single image
+boot.
+
+Protected Storage
+=================
+
+PS service is required if an off-chip storage device is integrated and used on
+the platform.
+
+TF-M PS service relies on an AEAD algorithm to ensure data confidentiality and
+integrity. It is recommended to select the same AEAD algorithm as the one used
+for TLS/DTLS cipher suite.
+
+Anti-rollback protection in PS relies on non-volatile counter(s) provided by
+TF-M Platform Secure Partition (SP).
+
+**************
+Implementation
+**************
+
+Overview
+========
+
+The basic idea is to add dedicated profile CMake configuration files under
+folder ``config/profile`` for TF-M Profile Medium default configuration, the
+same as Profile Small does.
+
+The top-level Profile Medium config file collects all the necessary
+configuration flags and set them to default values, to explicitly enable the
+features required in Profile Medium and disable the unnecessary ones, during
+TF-M build.
+
+A platform/use case can provide a configuration extension file to overwrite
+Profile Medium default setting and append other configurations.
+This configuration extension file can be added via parameter
+``TFM_EXTRA_CONFIG_PATH`` in build command line.
+
+The behaviour of the Profile Medium build flow (particularly the order of
+configuration loading and overriding) can be found at
+:ref:`tfm_cmake_configuration`
+
+The details of configurations will be covered in each module in
+`Implementation details`_.
+
+Implementation details
+======================
+
+This section discusses the details of Profile Medium implementation.
+
+Top-level configuration files
+-----------------------------
+
+The firmware framework configurations in ``config/profile/profile_medium`` are
+shown below.
+
+.. table:: Config flags in Profile Medium top-level CMake config file
+   :widths: auto
+   :align: center
+
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | Configs                                    | Default value                                                                                       | Descriptions                        |
+   +============================================+=====================================================================================================+=====================================+
+   | ``TFM_ISOLATION_LEVEL``                    | ``2``                                                                                               | Select level 2 isolation            |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_INTERNAL_TRUSTED_STORAGE`` | ``ON``                                                                                              | Enable ITS SP                       |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``ITS_BUF_SIZE``                           | ``32``                                                                                              | ITS internal transient buffer size  |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_CRYPTO``                   | ``ON``                                                                                              | Enable Crypto service               |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``CRYPTO_ASYM_ENCRYPT_MODULE_ENABLED``     | ``OFF``                                                                                             | Enable Crypto asymmetric            |
+   |                                            |                                                                                                     | encryption operations               |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_MBEDCRYPTO_CONFIG_PATH``             | ``${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h`` | Mbed Crypto config file path        |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_MBEDCRYPTO_PSA_CRYPTO_CONFIG_PATH``  | ``${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/crypto_config_profile_medium.h``         | Mbed Crypto PSA config file path    |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_INITIAL_ATTESTATION``      | ``ON``                                                                                              | Enable Initial Attestation service  |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_PROTECTED_STORAGE`` [1]_   | ``ON``                                                                                              | Enable PS service                   |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_PLATFORM``                 | ``ON``                                                                                              | Enable TF-M Platform SP             |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+
+.. [1] PS service is enabled by default. Platforms without off-chip storage
+       devices can turn off ``TFM_PARTITION_PROTECTED_STORAGE`` to disable PS
+       service. See `Protected Storage Secure Partition`_ for details.
+
+.. Note::
+
+   Where a configuration is the same as the default in
+   ``config/config_base.cmake``, it is omitted from the profile configuration
+   file.
+
+Test configuration
+^^^^^^^^^^^^^^^^^^
+
+Standard regression test configuration applies. This means that enabling
+regression testing via
+
+``-DTEST_S=ON -DTEST_NS=ON``
+
+Will enable testing for all enabled partitions. See above for details of enabled
+partitions. Because Profile Medium enables IPC model, the IPC tests are also
+enabled.
+
+Some cryptography tests are disabled due to the reduced Mbed Crypto config.
+
+.. table:: TFM options in Profile Medium top-level CMake config file
+   :widths: auto
+   :align: center
+
+   +--------------------------------------------+---------------+-----------------------------------------------+
+   | Configs                                    | Default value | Descriptions                                  |
+   +============================================+===============+===============================================+
+   | ``TFM_CRYPTO_TEST_ALG_CBC``                | ``OFF``       | Disable CBC mode test                         |
+   +--------------------------------------------+---------------+-----------------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_CCM``                | ``ON``        | Enable CCM mode test                          |
+   +--------------------------------------------+---------------+-----------------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_CFB``                | ``OFF``       | Disable CFB mode test                         |
+   +--------------------------------------------+---------------+-----------------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_ECB``                | ``OFF``       | Disable ECB mode test                         |
+   +--------------------------------------------+---------------+-----------------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_CTR``                | ``OFF``       | Disable CTR mode test                         |
+   +--------------------------------------------+---------------+-----------------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_OFB``                | ``OFF``       | Disable OFB mode test                         |
+   +--------------------------------------------+---------------+-----------------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_GCM``                | ``OFF``       | Disable GCM mode test                         |
+   +--------------------------------------------+---------------+-----------------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_SHA_384``            | ``OFF``       | Disable SHA-384 algorithm test                |
+   +--------------------------------------------+---------------+-----------------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_SHA_512``            | ``OFF``       | Disable SHA-512 algorithm test                |
+   +--------------------------------------------+---------------+-----------------------------------------------+
+   | ``TFM_CRYPTO_TEST_HKDF``                   | ``OFF``       | Disable HKDF algorithm test                   |
+   +--------------------------------------------+---------------+-----------------------------------------------+
+   | ``TFM_CRYPTO_TEST_ECDH``                   | ``ON``        | Enable ECDH key agreement test                |
+   +--------------------------------------------+---------------+-----------------------------------------------+
+   | ``TFM_CRYPTO_TEST_CHACHA20``               | ``OFF``       | Disable ChaCha20 stream cipher test           |
+   +--------------------------------------------+---------------+-----------------------------------------------+
+   | ``TFM_CRYPTO_TEST_CHACHA20_POLY1305``      | ``OFF``       | Disable ChaCha20-Poly1305 AEAD algorithm test |
+   +--------------------------------------------+---------------+-----------------------------------------------+
+   | ``TFM_CRYPTO_TEST_SINGLE_PART_FUNCS``      | ``OFF``       | Test single-part operations in hash, MAC,     |
+   |                                            |               | AEAD and symmetric ciphers                    |
+   +--------------------------------------------+---------------+-----------------------------------------------+
+
+Device configuration extension
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+To change default configurations and add platform specific configurations,
+a platform can add a platform configuration file at
+``platform/ext<TFM_PLATFORM>/config.cmake``
+
+Crypto service configurations
+-----------------------------
+
+Crypto Secure Partition
+^^^^^^^^^^^^^^^^^^^^^^^
+
+TF-M Profile Medium enables Crypto SP in top-level CMake config file.
+The following PSA Crypto operationts are enabled by default.
+
+   - Hash operations
+   - Message authentication codes
+   - Symmetric ciphers
+   - AEAD operations
+   - Asymmetric key algorithm based signature and verification
+   - Key derivation
+   - Key management
+
+Mbed Crypto configurations
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+TF-M Profile Medium adds a dedicated Mbed Crypto config file
+``tfm_mbedcrypto_config_profile_medium.h`` and Mbed Crypto PSA config file
+``crypto_config_profile_medium.h`` at ``/lib/ext/mbedcrypto/mbedcrypto_config``
+folder, instead of the common one ``tfm_mbedcrypto_config_default.h`` and
+``crypto_config_default.h`` [CRYPTO-DESIGN]_.
+
+Major Mbed Crypto configurations are set as listed below:
+
+    - Enable SHA256
+    - Enable generic message digest wrappers
+    - Enable AES
+    - Enable CCM mode for symmetric ciphers
+    - Disable other modes for symmetric ciphers
+    - Enable ECDH
+    - Enable ECDSA
+    - Select ECC curve ``secp256r1``
+    - Other configurations required by selected option above
+
+Other configurations can be selected to optimize the memory footprint of Crypto
+module.
+
+A device/use case can append an extra config header to the  Profile Medium
+default Mbed Crypto config file. This can be done by setting the
+``TFM_MBEDCRYPTO_PLATFORM_EXTRA_CONFIG_PATH`` cmake variable in the platform
+config file ``platform/ext<TFM_PLATFORM>/config.cmake``. This cmake variable is
+a wrapper around the ``MBEDTLS_USER_CONFIG_FILE`` options, but is preferred as
+it keeps all configuration in cmake.
+
+Internal Trusted Storage configurations
+---------------------------------------
+
+ITS service is enabled in top-level Profile Medium CMake config file by default.
+
+The internal transient buffer size ``ITS_BUF_SIZE`` [ITS-INTEGRATE]_ is set to
+32 bytes by default. A platform/use case can overwrite the buffer size in its
+specific configuration extension according to its actual requirement of assets
+and Flash attributes.
+
+Profile Medium CMake config file won't touch the configurations of device
+specific Flash hardware attributes [ITS-INTEGRATE]_.
+
+Protected Storage Secure Partition
+----------------------------------
+
+Data confidentiality, integrity and anti-rollback protection are enabled by
+default in PS.
+
+If PS is selected, AES-CCM is used as AEAD algorithm by default. It requires to
+enable PS implementation to select diverse AEAD algorithm.
+
+If platforms don't integrate any off-chip storage device, platforms can disable
+PS in platform specific configuration extension file via
+``platform/ext<TFM_PLATFORM>/config.cmake``.
+
+BL2 setting
+-----------
+
+Profile Medium enables MCUBoot provided by TF-M by default. A platform can
+overwrite this configuration by disabling MCUBoot in its configuration extension
+file ``platform/ext<TFM_PLATFORM>/config.cmake``.
+
+If MCUBoot provided by TF-M is enabled, multiple image boot is selected by
+default in TF-M Profile Medium top-level CMake config file.
+
+If a device implements its own boot loader, the configurations are
+implementation defined.
+
+****************
+Platform support
+****************
+
+To enable Profile Medium on a platform, the platform specific CMake file should
+be added into the platform support list in top-level Profile Medium CMake config
+file.
+
+Building Profile Medium
+=======================
+
+To build Profile Medium, argument ``TFM_PROFILE`` in build command line should be
+set to ``profile_medium``.
+
+Take AN521 as an example:
+
+The following commands build Profile Medium without test cases on **AN521** with
+build type **MinSizeRel**, built by **Armclang**.
+
+.. code-block:: bash
+
+   cd <TFM root dir>
+   mkdir build && cd build
+   cmake -DTFM_PLATFORM=arm/mps2/an521 \
+         -DTFM_TOOLCHAIN_FILE=../toolchain_ARMCLANG.cmake \
+         -DTFM_PROFILE=profile_medium \
+         -DCMAKE_BUILD_TYPE=MinSizeRel \
+         ../
+   cmake --build ./ -- install
+
+The following commands build Profile Medium with regression test cases on
+**AN521** with build type **MinSizeRel**, built by **Armclang**.
+
+.. code-block:: bash
+
+   cd <TFM root dir>
+   mkdir build && cd build
+   cmake -DTFM_PLATFORM=arm/mps2/an521 \
+         -DTFM_TOOLCHAIN_FILE=../toolchain_ARMCLANG.cmake \
+         -DTFM_PROFILE=profile_medium \
+         -DCMAKE_BUILD_TYPE=MinSizeRel \
+         -DTEST_S=ON -DTEST_NS=ON \
+         ../
+   cmake --build ./ -- install
+
+.. Note::
+
+ - For devices with more contrained memory and flash requirements, it is
+   possible to build with either only TEST_S enabled or only TEST_NS enabled.
+   This will decrease the size of the test images. Note that both test suites
+   must still be run to ensure correct operation.
+
+More details of building instructions and parameters can be found TF-M build
+instruction guide [TFM-BUILD]_.
+
+*********
+Reference
+*********
+
+.. [PSA-FF-M] `Arm Platform Security Architecture Firmware Framework 1.0 <https://developer.arm.com/-/media/Files/pdf/PlatformSecurityArchitecture/Architect/DEN0063-PSA_Firmware_Framework-1.0.0-2.pdf?revision=2d1429fa-4b5b-461a-a60e-4ef3d8f7f4b4>`_
+
+.. [RFC7925] `Transport Layer Security (TLS) / Datagram Transport Layer Security (DTLS) Profiles for the Internet of Things <https://tools.ietf.org/html/rfc7925>`_
+
+.. [PROFILE-S] :doc:`Trusted Firmware-M Profile Small Design </configuration/profiles/tfm_profile_small>`
+
+.. [RFC7252] `The Constrained Application Protocol (CoAP) <https://tools.ietf.org/html/rfc7252>`_
+
+.. [RFC4279] `Pre-Shared Key Ciphersuites for Transport Layer Security (TLS) <https://tools.ietf.org/html/rfc4279>`_
+
+.. [RFC7251] `AES-CCM Elliptic Curve Cryptography (ECC) Cipher Suites for TLS <https://tools.ietf.org/html/rfc7251>`_
+
+.. [CRYPTO-DESIGN] :doc:`Crypto design </technical_references/design_docs/tfm_crypto_design>`
+
+.. [ITS-INTEGRATE] :doc:`ITS integration guide </integration_guide/services/tfm_its_integration_guide>`
+
+.. [TFM-BUILD] :doc:`TF-M build instruction </building/tfm_build_instruction>`
+
+--------------
+
+*Copyright (c) 2020-2022, Arm Limited. All rights reserved.*
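Review bot: the platform configuration path is missing a separator in every occurrence: ``platform/ext<TFM_PLATFORM>/config.cmake`` (in "Device configuration extension", "Mbed Crypto configurations", "Protected Storage Secure Partition" and "BL2 setting") should read ``platform/ext/<TFM_PLATFORM>/config.cmake``, consistent with the ``${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/...`` paths in the table above. In the same tables, ``CRYPTO_ASYM_ENCRYPT_MODULE_ENABLED`` defaults to ``OFF`` yet is described as "Enable Crypto asymmetric encryption operations", and ``TFM_CRYPTO_TEST_SINGLE_PART_FUNCS`` is ``OFF`` with the description "Test single-part operations in hash, MAC, AEAD and symmetric ciphers"; every other ``OFF`` row reads "Disable ...", so reword these two to match. The sentence "It requires to enable PS implementation to select diverse AEAD algorithm" is hard to parse; suggest stating plainly that selecting a different AEAD algorithm needs a change in the PS implementation. Typos and grammar: "operationts" -> "operations" under "Crypto Secure Partition"; "contrained" -> "constrained" in the build note; "can be found TF-M build instruction guide" -> "can be found in the TF-M build instruction guide"; and "Will enable testing for all enabled partitions" continues the sentence started by "enabling regression testing via", so "Will" should be lower case. Also ``.. note ::`` and ``.. Note::`` are both used; pick one spelling.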
diff --git a/docs/configuration/profiles/tfm_profile_medium_arot-less.rst b/docs/configuration/profiles/tfm_profile_medium_arot-less.rst
new file mode 100755
index 0000000..cfb5744
--- /dev/null
+++ b/docs/configuration/profiles/tfm_profile_medium_arot-less.rst
@@ -0,0 +1,248 @@
+###########################################
+Trusted Firmware-M Profile Medium-ARoT-less
+###########################################
+
+:Author: David Hu
+:Organization: Arm Limited
+:Contact: david.hu@arm.com
+
+************
+Introduction
+************
+
+TF-M Profile Medium-ARoT-less is a reference implementation to align with security requirements
+defined in PSA Certified ARoT-less Level 2 protection profile (PSA Certified ARoT-less) [1]_.
+
+TF-M Profile Medium-ARoT-less is defined based on TF-M Profile Medium [2]_, which aligns with PSA
+Certified Level 2 Protection Profile [3]_.
+
+**************
+Overall design
+**************
+
+TF-M Profile Medium-ARoT-less defines the following feature set:
+
+    - Firmware Framework
+
+        - Secure Function (SFN) model [4]_
+        - Isolation level 1 [5]_
+
+    - Internal Trusted Storage (ITS)
+
+    - Crypto
+
+        - Support both symmetric cryptography and asymmetric cryptography
+        - Asymmetric key based cipher suite suggested in TLS/DTLS profiles for
+          IoT [6]_ and CoAP [7]_, including
+
+            - Authenticated Encryption with Associated Data (AEAD) algorithm
+            - Asymmetric key algorithm based signature and verification
+            - Public-key cryptography based key exchange
+            - Hash function
+            - HMAC for default Pseudorandom Function (PRF)
+
+        - Asymmetric digital signature and verification for Initial Attestation
+          Token (IAT)
+
+    - Initial Attestation
+
+        - Asymmetric key algorithm based Initial Attestation
+
+    - Lightweight boot
+
+        - Anti-rollback protection
+        - Multiple image boot
+
+    - Firmware Update (FWU) RoT Service
+
+**************
+Design details
+**************
+
+Most of design in Profile Medium-ARoT-less is identical to that in Profile Medium. Refer to
+Profile Medium document [2]_ for details.
+Only the differences between Profile Medium-ARoT-less and Profile Medium are specified below.
+
+Firmware framework
+==================
+
+PSA Certified ARoT-less [1]_ is only applicable to devices that don’t support Application RoT (ARoT)
+services. 
+The platform only consists of PSA RoT domain(s) in SPE making it unnecessary to implement the
+isolation between ARoT and PSA RoT.
+Therefore, this profile selects isolation level 1 to simplify implementation and optimize memory
+footprint and performance.
+
+Since only isolation level 1 is required, this profile enables SFN model rather than IPC mode for
+further simplification.
+
+Protected Storage
+=================
+
+Protected Storage (PS) is implemented as an Application RoT service in TF-M by default.
+Therefore, PS is disabled by default in this profile.
+
+FWU RoT Service
+===============
+
+As PSA Certified ARoT-less requests, FWU RoT Service is enabled by default to support secure
+update of platform if the platform supports FWU.
+
+.. note ::
+
+    **Implementation note**
+
+    The entire secure update sequence involves multiple agents and components, including bootloader,
+    TF-M FWU RoT Service, image update application(s), remote server(s), etc.
+
+    The secure update sequence is implementation-defined. Here is a reference of TF-M integration
+    with FreeRTOS OTA [8]_.
+
+**************
+Implementation
+**************
+
+The basic idea is to add dedicated profile CMake configuration files
+``config/profile/profile_medium_arotless`` for this profile default configuration.
+
+This top-level config file collects all the fundamental configuration flags and set them to default
+values, to explicitly configured the features required in this profile, during TF-M build.
+
+A platform/use case overwrite the default settings to configure this profile.
+
+The behavior of the build flow (particularly the order of configuration loading and overriding) can
+be found at :ref:`tfm_cmake_configuration`.
+
+The default configurations in ``config/profile/profile_medium_arotless`` are shown below.
+
+.. table:: Config flags in Profile Medium-ARoT-less top-level CMake config file
+   :widths: auto
+   :align: center
+
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | Configs                                    | Default value                                                                                       | Descriptions                        |
+   +============================================+=====================================================================================================+=====================================+
+   | ``TFM_ISOLATION_LEVEL``                    | ``1``                                                                                               | Select level 1 isolation            |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``CONFIG_TFM_SPM_BACKEND``                 | ``SFN``                                                                                             | Select SFN model                    |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_INTERNAL_TRUSTED_STORAGE`` | ``ON``                                                                                              | Enable ITS SP                       |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``ITS_BUF_SIZE``                           | ``32``                                                                                              | ITS internal transient buffer size  |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_CRYPTO``                   | ``ON``                                                                                              | Enable Crypto service               |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``CRYPTO_ASYM_ENCRYPT_MODULE_ENABLED``     | ``OFF``                                                                                             | Enable Crypto asymmetric            |
+   |                                            |                                                                                                     | encryption operations               |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_MBEDCRYPTO_CONFIG_PATH``             | ``${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h`` | Re-use Profile Medium configuration |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_MBEDCRYPTO_PSA_CRYPTO_CONFIG_PATH``  | ``${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/crypto_config_profile_medium.h``         | Re-use Profile Medium configuration |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_INITIAL_ATTESTATION``      | ``ON``                                                                                              | Enable Initial Attestation service  |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_FIRMWARE_UPDATE``          | ``ON``                                                                                              | Enable Firmware Update service      |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_PROTECTED_STORAGE``        | ``OFF``                                                                                             | Disable PS service                  |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_PLATFORM``                 | ``ON``                                                                                              | Enable TF-M Platform SP             |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+
+.. note::
+
+   Where a configuration is the same as the default in
+   ``config/config_default.cmake``, it might be omitted from the profile configuration
+   file.
+
+.. note::
+
+    **Implementation note**
+
+    If the platform doesn't support secure update functionalities, FWU service will be disabled
+    automatically. A warning will be thrown out during build.
+
+Regression test configuration
+=============================
+
+FWU regression tests and SFN regression tests are selected by default when regression tests are
+enabled.
+Other implementations are the same as those in Profile Medium.
+
+****************
+Platform support
+****************
+
+To enable Profile Medium on a platform, the platform specific CMake file should
+be added into the platform support list in top-level Profile Medium CMake config
+file.
+
+Building Profile Medium
+=======================
+
+To build Profile Medium, argument ``TFM_PROFILE`` in build command line should be
+set to ``profile_medium_arotless``.
+
+Take Musca-B1 as an example.
+The following commands build Profile Medium without test cases on **Musca-B1** with
+build type **MinSizeRel**, built by **Armclang**.
+
+.. code-block:: bash
+
+   cd <TFM root dir>
+   mkdir build && cd build
+   cmake -DTFM_PLATFORM=musca-b1 \
+         -DTFM_TOOLCHAIN_FILE=../toolchain_ARMCLANG.cmake \
+         -DTFM_PROFILE=profile_medium_arotless \
+         -DCMAKE_BUILD_TYPE=MinSizeRel \
+         ../
+   cmake --build ./ -- install
+
+The following commands build Profile Medium-ARoT-less with regression test cases on
+**Musca-B1** with build type **MinSizeRel**, built by **Armclang**.
+
+.. code-block:: bash
+
+   cd <TFM root dir>
+   mkdir build && cd build
+   cmake -DTFM_PLATFORM=musca-b1 \
+         -DTFM_TOOLCHAIN_FILE=../toolchain_ARMCLANG.cmake \
+         -DTFM_PROFILE=profile_medium_arotless \
+         -DCMAKE_BUILD_TYPE=MinSizeRel \
+         -DTEST_S=ON -DTEST_NS=ON \
+         ../
+   cmake --build ./ -- install
+
+.. note::
+
+ - For devices with more constrained memory and flash requirements, it is
+   possible to build with either only TEST_S enabled or only TEST_NS enabled.
+   This will decrease the size of the test images. Note that both test suites
+   must still be run to ensure correct operation.
+
+More details of building instructions and parameters can be found TF-M build instruction guide [9]_.
+
+*********
+Reference
+*********
+
+.. [1] `SESIP Profile for PSA Certified ARoT-less Level 2 <https://www.psacertified.org/app/uploads/2022/10/JSADEN019-PSA_Certified_Level_2_PP_SESIP_ARoT-less_REL-01.pdf>`_
+
+.. [2] :doc:`Trusted Firmware-M Profile Medium Design </configuration/profiles/tfm_profile_medium>`
+
+.. [3] `SESIP Profile for PSA Certified Level 2 <https://www.psacertified.org/app/uploads/2021/03/JSADEN012-PSA_Certified_Level_2_PP_SESIP-BETA02.pdf>`_
+
+.. [4] `Arm Firmware Framework for M 1.1 Extensions <https://developer.arm.com/documentation/aes0039/latest>`_
+
+.. [5] `Arm Platform Security Architecture Firmware Framework 1.0 <https://developer.arm.com/-/media/Files/pdf/PlatformSecurityArchitecture/Architect/DEN0063-PSA_Firmware_Framework-1.0.0-2.pdf?revision=2d1429fa-4b5b-461a-a60e-4ef3d8f7f4b4>`_
+
+.. [6] `Transport Layer Security (TLS) / Datagram Transport Layer Security (DTLS) Profiles for the Internet of Things <https://tools.ietf.org/html/4>`_
+
+.. [7] `The Constrained Application Protocol (CoAP) <https://tools.ietf.org/html/5>`_
+
+.. [8] `Secure OTA Updates for Cortex-M Devices with FreeRTOS <https://www.freertos.org/2021/07/secure-ota-updates-for-cortex-m-devices-with-freertos.html>`_
+
+.. [9] :doc:`TF-M build instruction </building/tfm_build_instruction>`
+
+--------------
+
+*Copyright (c) 2020-2022, Arm Limited. All rights reserved.*
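Review bot: References [6] and [7] at the end of this hunk point to ``https://tools.ietf.org/html/4`` and ``https://tools.ietf.org/html/5``, which are not valid RFC links; the titles match RFC 7925 (TLS/DTLS Profiles for the Internet of Things) and RFC 7252 (CoAP), so the URLs should be ``https://tools.ietf.org/html/rfc7925`` and ``https://tools.ietf.org/html/rfc7252``. The profile naming in the same region is inconsistent: "To enable Profile Medium on a platform", "Building Profile Medium" and "build Profile Medium without test cases" sit next to ``-DTFM_PROFILE=profile_medium_arotless`` and "Profile Medium-ARoT-less" in the second example; use one name ("Profile Medium ARoT-less") throughout, since a reader of this file otherwise cannot tell it apart from the Profile Medium document it references. Two smaller points: "can be found TF-M build instruction guide [9]_" is missing "in the", and ``-DTFM_PLATFORM=musca-b1`` differs in form from the path-style ``-DTFM_PLATFORM=arm/mps2/an521`` used in tfm_profile_small.rst in this same change, so confirm it matches the real platform directory name.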
diff --git a/docs/configuration/profiles/tfm_profile_small.rst b/docs/configuration/profiles/tfm_profile_small.rst
new file mode 100644
index 0000000..41dab92
--- /dev/null
+++ b/docs/configuration/profiles/tfm_profile_small.rst
@@ -0,0 +1,614 @@
+#######################################
+Trusted Firmware-M Profile Small Design
+#######################################
+
+************
+Introduction
+************
+
+As one of the TF-M Profiles, TF-M Profile Small (Profile S) consists of
+lightweight TF-M framework and basic Secure Services to keep smallest memory
+footprint, supporting fundamental security features on devices with ultra
+constrained resource.
+
+This profile enables connecting with Edge Gateways and IoT Cloud Services
+supporting secure connection based solely on symmetric cryptography.
+
+This document summarizes and discusses the features specified in TF-M Profile
+Small.
+
+**************
+Overall design
+**************
+
+TF-M Profile Small defines the following features:
+
+    - Lightweight framework
+
+        - Secure Function (SFN) model [2]_
+        - Level 1 isolation
+        - Buffer sharing allowed
+        - Single secure context
+
+    - Crypto
+
+        - Symmetric cipher only
+        - Cipher suite for symmetric-key algorithms based protocols, such as
+          cipher suites defined in TLS pre-shared key (TLS-PSK) [1]_.
+
+            - Advanced Encryption Standard (AES) as symmetric crypto algorithm
+            - SHA256 as Hash function
+            - HMAC as Message Authentication Code algorithm
+        - Only enable multi-part functions in hash, symmetric ciphers,
+          Message Authentication Code (MAC) and Authenticated Encryption with
+          Associated Data (AEAD) operations.
+
+    - Internal Trusted Storage (ITS)
+
+        - No encryption
+        - No rollback protection
+        - Decrease internal transient buffer size
+
+    - Initial Attestation
+
+        - Based on symmetric key algorithms
+
+    - Lightweight boot
+
+        - Single image boot
+        - Anti-rollback protection is enabled
+
+
+Protected Storage, firmware update and other Secure Services provided by TF-M are
+disabled by default.
+
+**************
+Design details
+**************
+
+More details of TF-M Profile Small design are discussed in following sections.
+
+Lightweight framework
+=====================
+
+TF-M framework model
+--------------------
+
+SFN model is selected by default in Profile Small implementation.
+SFN model is defined in FF-M 1.1 extensions [2]_. It is a more simple
+implementation of TF-M framework and may also reduce memory footprint, compared
+with Inter-Process Communication (IPC) model [3]_.
+
+Level 1 isolation
+-----------------
+
+PSA Security Model [4]_ defines 3 levels of isolation.
+
+  - Level 1 isolation isolates Secure Processing Environment (SPE) from
+    Non-secure Processing Environment (NSPE).
+  - PSA Root of Trust (PSA RoT) and Application Root of Trust (ARoT) are
+    isolated from each other in level 2 isolation.
+  - Individual secure partitions are isolated from each other even within a
+    particular security domain (PSA RoT, ARoT), in level 3 isolation.
+
+Profile Small dedicated use cases with simple service model may not require
+level 2 or level 3 isolation. Devices which Profile Small aims at may be unable
+to implement stricter isolation, limited by hardware capabilities.
+
+Level 1 isolation reduces requirements enforced by hardware isolation and cost
+of software for management.
+
+.. note ::
+
+    **Security note**
+
+    If a device or a use case enforces level 2 or level 3 isolation, it is
+    suggested to apply other configurations, other than TF-M Profile Small.
+
+Crypto service
+==============
+
+TF-M Profile Small only requires symmetric crypto since symmetric algorithms
+require shorter keys and less computational burden, compared with asymmetric
+crypto.
+
+By default, TF-M Profile Small requires the same capabilities as defined in
+TLS-PSK, to support symmetric key algorithms based protocols.
+
+.. note ::
+
+    **Implementation note**
+
+    Please note that TF-M Profile Small doesn't require that TLS-PSK is
+    mandatory in applications. Instead, Profile Small only requires the same
+    capabilities as defined in TLS-PSK, such as one symmetric cipher algorithm
+    and one hash function.
+
+TF-M Profile Small selects TLS-PSK cipher suite TLS_PSK_WITH_AES_128_CCM [5]_
+as reference, which requires:
+
+    - AES-128-CCM (AES CCM mode with 128-bit key) as symmetric crypto algorithm
+    - SHA256 as Hash function
+    - HMAC as Message Authentication Code algorithm
+
+TLS_PSK_WITH_AES_128_CCM is selected since it requires small key length and less
+hardware capabilities, while keeping enough level of security.
+
+.. note ::
+
+    **Implementation note**
+
+    Developers can replace default algorithms with others or implement more
+    algorithms.
+
+    Proper symmetric key algorithms and cipher suites should be selected
+    according to device capabilities, the use case and the requirement of peers
+    in connection.
+
+    Refer to `Crypto service configuration`_ for implementation details of
+    configuring algorithms and cipher suites.
+
+.. note ::
+
+    **Security note**
+
+    It is recommended not to use MD5 or SHA-1 for message digests as they are
+    subject to collision attacks [6]_ [7]_.
+
+By default, Profile Small only enables multi-part functions defined in PSA
+Cryptography API [13]_ in hash, symmetric ciphers, MAC and AEAD operations.
+Disabling single-part functions optimizes the code size of TF-M crypto service.
+Multi-part operations allows the message data to be processed in fragments
+instead of all at once. In static memory allocation, single-part operation may
+require to allocate a large memory space to support long message with unknown
+length. Therefore single-part operations can help users optimize memory
+footprint, especially while dealing with streaming data on IoT devices.
+
+It may slightly increase the code size in applications to replace single-part
+implementation with mulit-part implementation. Althgouth the code size increment
+can be qaulified, if users are concerned about the code size increment, they can
+enable single-part operations by toggling Profile Small default configuration.
+
+It may increase latency and overall time cost to implement cryptography
+functionality with single-part operations, compared to with multi-part ones.
+Users can enable single-part operations if the usage scenario requires
+single-part opreations to meet its perfermance metrics.
+
+Secure Storage
+==============
+
+TF-M Profile Small assumes that extremely constrained devices only contain basic
+on-chip storage, without external or removable storage.
+As a result, TF-M Profile Small includes ITS service and disables Protected
+Storage service.
+
+Encryption and rollback protection
+----------------------------------
+
+Neither encryption nor rollback protection is enabled in current ITS
+implementation.
+
+It is expected that ITS relies solely on the physical inaccessibility property
+of on-chip storage, together with PSA isolation, without requiring additional
+cryptographic protection.
+
+Internal transient buffer
+-------------------------
+
+ITS implements a internal transient buffer [8]_ to hold the data read
+from/written to storage, especially for flash, to solve the alignment and
+security issues.
+
+The internal transient buffer is aligned to the flash device’s program unit.
+Copying data to it from the caller can align all write requests to the flash
+device’s program unit.
+The internal transient buffer can help protect Flash access from some attacks,
+such as TOCTOU attack.
+
+Although removing this internal buffer can save some memory consumption,
+typically 512 bytes, it may bring alignment or security issues.
+Therefore, to achieve a better trade-off between memory footprint and security,
+TF-M Profile Small optimizes the internal buffer size to 32 bytes by default.
+
+As discussed in `Crypto service`_, TF-M Profile Small requires AES-128 and
+SHA-256, which use 128-bit key and 256-bit key respectively.
+Besides, either long public/private keys or PKI-based certificates should be
+very rare as asymmetric crypto is not supported in Profile Small.
+Therefore, a 32-byte internal buffer should cover the assets in TF-M Profile
+Small use cases.
+
+The buffer size can be adjusted according to use case and device Flash
+attributes. Refer to `Internal Trusted Storage configurations`_ for more
+details.
+
+Initial Attestation
+===================
+
+Profile Small requires an Initial Attestation secure service based on symmetric
+key algorithms. Refer to PSA Attestation API document [9]_ for details of
+Initial Attestation based on symmetric key algorithms.
+
+It can heavily increase memory footprint to support Initial Attestation based on
+asymmetric key algorithms, due to asymmetric ciphers and related PKI modules.
+
+.. note ::
+
+    **Implementation note**
+
+    As pointed out by PSA Attestation API document [9]_, the use cases of
+    Initial Attestation based on symmetric key algorithms can be limited due to
+    the associated infrastructure costs for key management and operational
+    complexities. It may also restrict the ability to interoperate with
+    scenarios that involve third parties.
+
+    If asymmetric key algorithms based Initial Attestation is required in use
+    scenarios, it is recommended to select other TF-M Profiles which support
+    asymmetric key algorithms.
+
+.. note ::
+
+    **Implementation note**
+
+    It is recommended to utilize the same MAC algorithm supported in Crypto
+    service to complete the signing in ``COSE_Mac0``, to minimize memory
+    footprint.
+
+Lightweight boot
+================
+
+If MCUBoot provided by TF-M is enabled, single image boot [10]_ is selected by
+default in Profile Small.
+In case of single image boot, secure and non-secure images are handled as a
+single blob and signed together during image generation.
+
+However, secure and non-secure images must be updated together in single image
+boot. It may decrease the flexibility of image update and cost longer update
+process. Since the image sizes should usually be small with limited
+functionalities in Profile Small dedicated use case, the cost may still be
+reasonable.
+
+BL2 implementation can be device specific. Devices may implement diverse
+boot processes with different features and configurations.
+However, anti-rollback protection is required as a mandatory feature of boot
+loader. Boot loader should be able to prevent unauthorized rollback, to protect
+devices from being downgraded to earlier versions with known vulnerabilities.
+
+**************
+Implementation
+**************
+
+Overview
+========
+
+The basic idea is to add dedicated profile CMake configuration files under
+folder ``config/profile`` for TF-M Profile Small default configuration.
+
+The top-level Profile Small config file collects all the necessary
+configuration flags and set them to default values, to explicitly enable the
+features required in Profile Small and disable the unnecessary ones, during
+TF-M build.
+
+A platform/use case can provide a configuration extension file to overwrite
+Profile Small default setting and append other configurations.
+This configuration extension file can be added via parameter
+``TFM_EXTRA_CONFIG_PATH`` in build command line.
+
+The behavior of the Profile Small build flow (particularly the order of
+configuration loading and overriding) can be found at
+:ref:`tfm_cmake_configuration`
+
+The details of configurations will be covered in each module in
+`Implementation details`_.
+
+Implementation details
+======================
+
+This section discusses the details of Profile Small implementation.
+
+Top-level configuration files
+-----------------------------
+
+The firmware framework configurations in ``config/profile/profile_small`` are
+shown below.
+
+.. table:: TFM options in Profile Small top-level CMake config file
+   :widths: auto
+   :align: center
+
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | Configs                                    | Default value                                                                                       | Descriptions                        |
+   +============================================+=====================================================================================================+=====================================+
+   | ``TFM_ISOLATION_LEVEL``                    | ``1``                                                                                               | Select level 2 isolation            |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_INTERNAL_TRUSTED_STORAGE`` | ``ON``                                                                                              | Enable ITS SP                       |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``ITS_BUF_SIZE``                           | ``32``                                                                                              | ITS internal transient buffer size  |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_CRYPTO``                   | ``ON``                                                                                              | Enable Crypto service               |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_MBEDCRYPTO_CONFIG_PATH``             | ``${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h``  | Mbed Crypto config file path        |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_MBEDCRYPTO_PSA_CRYPTO_CONFIG_PATH``  | ``${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/crypto_config_profile_small.h``          | Mbed Crypto PSA config file path    |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``CRYPTO_ASYM_SIGN_MODULE_ENABLED``        | ``OFF``                                                                                             | Enable asymmetric signature         |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``CRYPTO_ASYM_ENCRYPT_MODULE_ENABLED``     | ``OFF``                                                                                             | Enable asymmetric encryption        |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_INITIAL_ATTESTATION``      | ``ON``                                                                                              | Enable Initial Attestation service  |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``SYMMETRIC_INITIAL_ATTESTATION``          | ``ON``                                                                                              | Enable symmetric attestation        |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_PROTECTED_STORAGE``        | ``OFF``                                                                                             | Enable PS service                   |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``TFM_PARTITION_PLATFORM``                 | ``OFF``                                                                                             | Enable TF-M Platform SP             |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+
+.. note ::
+
+    **Implementation note**
+
+    The following sections focus on the feature selection via configuration
+    setting.
+    Dedicated optimization on memory footprint is not covered in this document.
+
+Device configuration extension
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+To change default configurations and add platform specific configurations,
+a platform can add a platform configuration file at
+``platform/ext<TFM_PLATFORM>/config.cmake``
+
+TF-M framework setting
+----------------------
+
+The top-level Profile Small CMake config file selects SFN model and level 1
+isolation.
+
+In SFN model, ``-DPSA_FRAMEWORK_HAS_MM_IOVEC`` is enabled by default.
+It reduces memory footprint by avoiding the transient copy from input
+vectors and copy to output vectors.
+
+Crypto service configuration
+----------------------------
+
+Crypto Secure Partition
+^^^^^^^^^^^^^^^^^^^^^^^
+
+TF-M Profile Small enables Crypto Secure Partition (SP) in its top-level CMake
+config file. Crypto SP modules not supported in TF-M Profile Small are disabled.
+The disabled modules/features are shown below.
+
+    - Disable asymmetric cipher
+    - Disable single-part operations in Hash, MAC, AEAD and symmetric ciphers
+      via selecting ``CRYPTO_SINGLE_PART_FUNCS_DISABLED``
+
+Other modules and configurations [11]_ are kept as default values.
+
+Additional configuration flags with more fine granularity can be added to
+control building of specific crypto algorithms and corresponding test cases.
+
+Mbed Crypto configurations
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+TF-M Profile Small adds a dedicated Mbed Crypto config file
+``tfm_mbedcrypto_config_profile_small.h`` and Mbed Crypto PSA config file
+``crypto_config_profile_small.h`` at ``/lib/ext/mbedcrypto/mbedcrypto_config``
+folder, instead of the common one ``tfm_mbedcrypto_config_default.h`` and
+``crypto_config_default.h`` [11]_.
+
+Major Mbed Crypto configurations are set as listed below:
+
+    - Enable SHA256
+    - Enable generic message digest wrappers
+    - Enable AES
+    - Enable CCM mode for symmetric ciphers
+    - Disable other modes for symmetric ciphers
+    - Disable asymmetric ciphers
+    - Disable HMAC-based key derivation function (HKDF)
+
+Other configurations can be selected to optimize the memory footprint of Crypto
+module.
+
+A device/use case can append an extra config header to the  Profile Small
+default Mbed Crypto config file. This can be done by setting the
+``TFM_MBEDCRYPTO_PLATFORM_EXTRA_CONFIG_PATH`` cmake variable in the platform
+config file ``platform/ext<TFM_PLATFORM>/config.cmake``. This cmake variable is
+a wrapper around the ``MBEDTLS_USER_CONFIG_FILE`` options, but is preferred as
+it keeps all configuration in cmake.
+
+Internal Trusted Storage configurations
+---------------------------------------
+
+ITS service is enabled in top-level Profile Small CMake config file.
+
+The internal transient buffer size ``ITS_BUF_SIZE`` [8]_ is set to 32 bytes by
+default. A platform/use case can overwrite the buffer size in its specific
+configuration extension according to its actual requirement of assets and Flash
+attributes.
+
+Profile Small CMake config file won't touch the configurations of device
+specific Flash hardware attributes [8]_.
+
+Initial Attestation secure service
+----------------------------------
+
+TF-M Profile Small provides a reference implementation of symmetric key
+algorithms based Initial Attestation, using HMAC SHA-256 as MAC algorithm in
+``COSE_Mac0`` structure. The implementation follows PSA Attestation API document
+[9]_.
+
+Profile Small top-level config file enables Initial Attestation secure service
+and selects symmetric key algorithms based Initial Attestation by default.
+
+    - Set ``TFM_PARTITION_INITIAL_ATTESTATION`` to ``ON``
+    - Set ``SYMMETRIC_INITIAL_ATTESTATION`` to ``ON``
+
+Symmetric and asymmetric key algorithms based Initial Attestation can share the
+same generations of token claims, except Instance ID claim.
+
+Profile Small may implement the procedure or rely on a 3rd-party tool to
+construct and sign ``COSE_Mac0`` structure.
+
+Details of symmetric key algorithms based Initial Attestation design will be
+covered in a dedicated document.
+
+Disabled secure services
+------------------------
+
+Protected Storage and Platform Service are disabled by default
+in Profile Small top-level CMake config file.
+
+Test configuration
+------------------
+
+Some cryptography tests are disabled due to the reduced Mbed Crypto config.
+Some of them are shown in the table below.
+
+.. table:: TFM options in Profile Small top-level CMake config file
+   :widths: auto
+   :align: center
+
+   +--------------------------------------------+---------------+----------------------------------------+
+   | Configs                                    | Default value | Descriptions                           |
+   +============================================+===============+========================================+
+   | ``TFM_CRYPTO_TEST_ALG_CBC``                | ``OFF``       | Test CBC cryptography mode             |
+   +--------------------------------------------+---------------+----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_CCM``                | ``ON``        | Test CCM cryptography mode             |
+   +--------------------------------------------+---------------+----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_CFB``                | ``OFF``       | Test CFB cryptography mode             |
+   +--------------------------------------------+---------------+----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_ECB``                | ``OFF``       | Test ECB cryptography mode             |
+   +--------------------------------------------+---------------+----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_CTR``                | ``OFF``       | Test CTR cryptography mode             |
+   +--------------------------------------------+---------------+----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_OFB``                | ``OFF``       | Test OFB cryptography mode             |
+   +--------------------------------------------+---------------+----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_GCM``                | ``OFF``       | Test GCM cryptography mode             |
+   +--------------------------------------------+---------------+----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_SHA_384``            | ``OFF``       | Test SHA-384 cryptography algorithm    |
+   +--------------------------------------------+---------------+----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ALG_SHA_512``            | ``OFF``       | Test SHA-512 cryptography algorithm    |
+   +--------------------------------------------+---------------+----------------------------------------+
+   | ``TFM_CRYPTO_TEST_HKDF``                   | ``OFF``       | Test HKDF key derivation algorithm     |
+   +--------------------------------------------+---------------+----------------------------------------+
+   | ``TFM_CRYPTO_TEST_ECDH``                   | ``OFF``       | Test ECDH key agreement algorithm      |
+   +--------------------------------------------+---------------+----------------------------------------+
+   | ``TFM_CRYPTO_TEST_CHACHA20``               | ``OFF``       | Test ChaCha20 stream cipher            |
+   +--------------------------------------------+---------------+----------------------------------------+
+   | ``TFM_CRYPTO_TEST_CHACHA20_POLY1305``      | ``OFF``       | Test ChaCha20-Poly1305 AEAD algorithm  |
+   +--------------------------------------------+---------------+----------------------------------------+
+   | ``TFM_CRYPTO_TEST_SINGLE_PART_FUNCS``      | ``OFF``       | Test single-part operations in hash,   |
+   |                                            |               | MAC, AEAD and symmetric ciphers        |
+   +--------------------------------------------+---------------+----------------------------------------+
+
+BL2 setting
+-----------
+
+Profile Small enables MCUBoot provided by TF-M by default. A platform can
+overwrite this configuration by disabling MCUBoot in its configuration extension
+file ``platform/ext<TFM_PLATFORM>/config.cmake``.
+
+If MCUBoot provided by TF-M is enabled, single image boot is selected in TF-M
+Profile Small top-level CMake config file.
+
+If a device implements its own boot loader, the configurations are
+implementation defined.
+
+.. table:: BL2 options in Profile Small top-level CMake config file
+   :widths: auto
+   :align: center
+
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | Configs                                    | Default value                                                                                       | Descriptions                        |
+   +============================================+=====================================================================================================+=====================================+
+   | ``BL2``                                    | ``ON``                                                                                              | Enable MCUBoot bootloader           |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+   | ``MCUBOOT_IMAGE_NUMBER``                   | ``1``                                                                                               | Combine S and NS images             |
+   +--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
+
+****************
+Platform support
+****************
+
+Building Profile Small
+======================
+
+To build Profile Small, argument ``TFM_PROFILE`` in build command line should be
+set to ``profile_small``.
+
+Take AN521 as an example.
+
+The following commands build Profile Small without test cases on **AN521** with
+build type **MinSizeRel**, built by **Armclang**.
+SFN model is selected by default.
+
+.. code-block:: bash
+
+   cd <TFM root dir>
+   mkdir build && cd build
+   cmake -DTFM_PLATFORM=arm/mps2/an521 \
+         -DTFM_TOOLCHAIN_FILE=../toolchain_ARMCLANG.cmake \
+         -DTFM_PROFILE=profile_small \
+         -DCMAKE_BUILD_TYPE=MinSizeRel \
+         ../
+   cmake --build ./ -- install
+
+The following commands build Profile Small with regression test cases on
+**AN521** with build type **MinSizeRel**, built by **Armclang**.
+SFN model is selected by default.
+
+.. code-block:: bash
+
+   cd <TFM root dir>
+   mkdir build && cd build
+   cmake -DTFM_PLATFORM=arm/mps2/an521 \
+         -DTFM_TOOLCHAIN_FILE=../toolchain_ARMCLANG.cmake \
+         -DTFM_PROFILE=profile_small \
+         -DCMAKE_BUILD_TYPE=MinSizeRel \
+         -DTEST_NS=ON \
+         ../
+   cmake --build ./ -- install
+
+.. Note::
+
+ - For devices with more constrained memory and flash requirements, it is
+   possible to build with either only TEST_S enabled or only TEST_NS enabled.
+   This will decrease the size of the test images. Note that both test suites
+   must still be run to ensure correct operation.
+
+More details of building instructions and parameters can be found TF-M build
+instruction guide [12]_.
+
+*********
+Reference
+*********
+
+.. [1] `Pre-Shared Key Ciphersuites for Transport Layer Security (TLS) <https://tools.ietf.org/html/rfc4279>`_
+
+.. [2] `Arm Firmware Framework for M 1.1 Extensions <https://developer.arm.com/documentation/aes0039/latest>`_
+
+.. [3] `Arm Platform Security Architecture Firmware Framework 1.0 <https://developer.arm.com/-/media/Files/pdf/PlatformSecurityArchitecture/Architect/DEN0063-PSA_Firmware_Framework-1.0.0-2.pdf?revision=2d1429fa-4b5b-461a-a60e-4ef3d8f7f4b4&hash=3BFD6F3E687F324672F18E5BE9F08EDC48087C93>`_
+
+.. [4] `Platform Security Model 1.1 <https://developer.arm.com/documentation/den0128/latest>`_
+
+.. [5] `AES-CCM Cipher Suites for Transport Layer Security (TLS) <https://tools.ietf.org/html/rfc6655>`_
+
+.. [6] `Updated Security Considerations for the MD5 Message-Digest and the HMAC-MD5 Algorithms <https://tools.ietf.org/html/rfc6151>`_
+
+.. [7] `Transitioning the Use of Cryptographic Algorithms and Key Lengths <https://www.nist.gov/publications/transitioning-use-cryptographic-algorithms-and-key-lengths>`_
+
+.. [8] :doc:`ITS integration guide </integration_guide/services/tfm_its_integration_guide>`
+
+.. [9] `PSA Attestation API 1.0 (ARM IHI 0085) <https://developer.arm.com/-/media/Files/pdf/PlatformSecurityArchitecture/Implement/IHI0085-PSA_Attestation_API-1.0.2.pdf?revision=eef78753-c77e-4b24-bcf0-65596213b4c1&la=en&hash=E5E0353D612077AFDCE3F2F3708A50C77A74B2A3>`_
+
+.. [10] :doc:`Secure boot </technical_references/design_docs/tfm_secure_boot>`
+
+.. [11] :doc:`Crypto design </technical_references/design_docs/tfm_crypto_design>`
+
+.. [12] :doc:`TF-M build instruction </building/tfm_build_instruction>`
+
+.. [13] `PSA Cryptography API 1.0 <https://developer.arm.com/documentation/ihi0086/a/?lang=en>`_
+
+--------------
+
+*Copyright (c) 2020-2022, Arm Limited. All rights reserved.*
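Review bot: The first options table in this hunk describes ``TFM_ISOLATION_LEVEL`` with default ``1`` as "Select level 2 isolation", which contradicts the level 1 isolation the whole document is built on; the description should read "Select level 1 isolation". In the multi-part operations paragraph, "Therefore single-part operations can help users optimize memory footprint" inverts the argument just made and should say multi-part operations; the two paragraphs that follow carry several typos ("mulit-part", "Althgouth", "qaulified", "opreations", "perfermance"). In the Internal transient buffer section, "AES-128 and SHA-256, which use 128-bit key and 256-bit key respectively" is wrong for a hash, which has no key; say that SHA-256 produces a 256-bit digest (or refer to the HMAC-SHA-256 key) to justify the 32-byte buffer. The path ``platform/ext<TFM_PLATFORM>/config.cmake`` appears three times with no separator between ``ext`` and ``<TFM_PLATFORM>``; check it against the actual location of the platform config file. The test-configuration table reuses the caption "TFM options in Profile Small top-level CMake config file" from the first table and should be titled as test options. The second build example is described as building "with regression test cases" but only passes ``-DTEST_NS=ON``, while the note below it discusses building with only TEST_S or only TEST_NS; either add ``-DTEST_S=ON`` as in the Medium ARoT-less example or reword. Minor: "a internal transient buffer" should be "an internal", ``.. Note::`` should match the lowercase ``.. note ::`` used elsewhere, and "can be found TF-M build instruction guide [12]_" is missing "in the".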