TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / sandbox / pfalcon / trusted-firmware-m / 8e448346997bad3f1452d884cc50f6dec20eb041 / . / docs / glossary.rst
blob: 2ee18e701431f7dc80dca0eb461e15f99f609cd0 [file] [log] [blame]
Galanakis, Minos41f85972019-09-30 15:56:40 +0100[diff] [blame]1###################################
2Glossary of terms and abbreviations
3###################################
Gyorgy Szingdb9783c2019-04-17 21:08:48 +0200[diff] [blame]4
Gyorgy Szingdb9783c2019-04-17 21:08:48 +0200[diff] [blame]5.. glossary::
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]6 :sorted:
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]7
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]8 Application RoT
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]9 `PSA term`_. The security domain in which additional security services
10 are implemented.
11
12 HAL
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]13 Hardware Abstraction Layer:
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]14 Interface to abstract hardware-oriented operations and provides a set of
15 APIs to the upper layers.
16
17 RoT
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]18 Root of Trust:
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]19 `PSA term`_. This is the minimal set of software, hardware and data that
20 is implicitly trusted in the platform there is no software or hardware
21 at a deeper level that can verify that the Root of Trust is authentic
22 and unmodified.
23
24 RoT Service
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]25 `PSA term`_. A set of related security operations that are implemented
26 in a Secure Partition.
27
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]28 NSPE
29 Non Secure Processing Enviroment:
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]30 `PSA term`_. In TF-M this means non secure domain typically running an
31 OS using services provided by TF-M.
32
33 PSA
34 `PSA term`_. Platform Security Architecture.
35
36 PSA-FF
37 `PSA term`_. Platform Security Architecture Firmware Framework.
38
39 PSA-FF-M
40 `PSA term`_. Platform Security Architecture Firmware Framework for M.
41
42 PSA RoT
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]43 `PSA term`_. This defines the most trusted security domain within a PSA
44 system.
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]45
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]46 SFN
47 Secure Function:
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]48 The function entry to a secure service. Multiple SFN per SS are
49 permitted.
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]50
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]51 SP
52 Secure Partition:
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]53 A logical container for secure services.
54
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]55 SPE
56 Secure Processing Environment:
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]57 `PSA term`_. In TF-M this means the secure domain protected by TF-M.
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]58
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]59 SPM
60 Secure Partition Manager
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]61 The TF-M component responsible for enumeration, management and isolation
62 of multiple Secure Partitions within the TEE.
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]63
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]64 SPRT
65 Secure Partition Runtime:
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]66 The TF-M component responsible for Secure Partition runtime
67 functionalities.
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]68
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]69 SPRTL
70 Secure Partition Runtime Library:
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]71 A library contains the SPRT code and data.
72
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]73 SS
74 Secure Service:
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]75 A component within the TEE that is atomic from a security/trust point of
76 view, i.e. which is viewed as a single entity from a TF-M point of view.
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]77
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]78 PS
79 Protected Storage service provided by TF-M.
Kevin Pengc6d74502020-03-04 16:55:37 +0800[diff] [blame]80
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]81 ITS
Kevin Pengc6d74502020-03-04 16:55:37 +0800[diff] [blame]82 Internal Trusted Storage service provided by TF-M.
Gyorgy Szingdb9783c2019-04-17 21:08:48 +0200[diff] [blame]83
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]84 TFM
85 TF-M
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]86 Trusted Firmware-M or Trusted Firmware for M-class.
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]87 ARM TF-M provides a reference implementation of secure world software
88 for ARMv8-M.
89
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]90 TBSA-M
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]91 Trusted Base System Architecture for Armv6-M, Armv7-M and Armv8-M.
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]92 TBSA term. See `Trusted Base System Architecture for Armv6-M, Armv7-M
93 and Armv8-M`_
94
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]95 MPC
96 Memory Protection Controller:
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]97 Bus slave-side security controller for memory regions.
98
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]99 PPC
100 Peripheral Protection Controller:
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]101 Bus slave-side security controller for peripheral access.
Gyorgy Szingdb9783c2019-04-17 21:08:48 +0200[diff] [blame]102
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]103 S/NS
104 Secure/Non-secure:
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]105 The separation provided by TrustZone hardware components in the system.
106
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]107 SAU
108 Secure Attribution Unit:
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]109 Hardware component providing isolation between Secure, Non-secure
110 Callable and Non-secure addresses.
Gyorgy Szingdb9783c2019-04-17 21:08:48 +0200[diff] [blame]111
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]112 AAPCS
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]113 ARM Architecture Procedure Call Standard:
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]114 The AAPCS defines how subroutines can be separately written, separately
115 compiled, and separately assembled to work together. It describes a
116 contract between a calling routine and a called routine
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]117
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]118 MPU
119 Memory Protection Unit:
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]120 Hardware component providing privilege control.
Gyorgy Szingdb9783c2019-04-17 21:08:48 +0200[diff] [blame]121
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]122 SVC
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]123 SuperVisor Call:
Edison Ai1e385842020-05-18 13:16:41 +0800[diff] [blame]124 ARMv7M assembly instruction to call a privileged handler function
125
Anton Komlev8e448342022-04-06 10:19:35 +0100[diff] [blame^]126.. rubric:: Reference
Edison Ai589d3b12020-05-18 13:49:19 +0800[diff] [blame]127
128| `PSA Firmware_Framework for M`_
129
130.. _PSA Firmware_Framework for M: https://pages.arm.com/psa-resources-ff.html
131
132.. _PSA term: `PSA Firmware_Framework for M`_
133
134| `Trusted Base System Architecture for Armv6-M, Armv7-M and Armv8-M`_
135
136.. _Trusted Base System Architecture for Armv6-M, Armv7-M and Armv8-M: https://pages.arm.com/psa-resources-tbsa-m.html
137
Gyorgy Szingdb9783c2019-04-17 21:08:48 +0200[diff] [blame]138--------------
139
Ken Liub8592cd2020-05-13 18:04:44 +0800[diff] [blame]140*Copyright (c) 2017-2020, Arm Limited. All rights reserved.*