Trusted Firmware Open Governance Project

The reference implementation of Secure world software for Armv7-A, Armv8-A, and Armv8-M architectures.

TrustedFirmware lock icon logo

Overview

Trusted Firmware Trusted Firmware provides a reference implementation of Secure world software for Armv7-A, Armv8-A, and Armv8-M architectures.

Trusted Firmware provides SoC developers and OEMs with a reference trusted code base that complies with the relevant Arm specifications. This forms the foundations of a Trusted Execution Environment (TEE) on application processors, ora Secure Processing Environment (SPE) on microcontrollers.

Trusted Firmware is designed to reduce porting and integration work across the ecosystem by creating reusable reference implementations for SoCs and Trusted OS developers.

Membership in the Trusted Firmware project is open to Linaro members and non-members. Project governance is overseen by a board of member representatives. This board currently consists of representatives from Arm, Linaro, Texas Instruments, Google LLC, Cypress Semiconductor, STMicroelectronics, and Data I/O.

The Trusted Firmware project is provided under a BSD-3-Clause license. Contributions are accepted under the term of Developer Certificate of Origin.

Trusted Firmware-A (TF-A)

Trusted Firmware-A (TF-A) supports Armv7-A and Armv8-A systems, including a Secure Monitor that executes at Exception Level 3 (EL3). Trusted Firmware implements various Arm interface standards, including the Power State Coordination Interface (PSCI), Trusted Board Boot Requirements (TBBR), SMC Calling Convention, and System Control and Management Interface.

Learn more

Trusted Firmware-M (TF-M)

Trusted Firmware-M (TF-M) provides a reference implementation of the platform security architecture aligning with PSA Certified guidelines for Arm Cortex-M processors and leverages Arm TrustZone technology on Arm v8-M cores. TF-M is being built as a set of highly configurable software components that are suitable for constrained systems. TF-M consists of secure boot and a set of secure runtime services, including Secure Storage, Cryptography, Audit Logs, and Provisioning that can be used by applications.

Learn more