Renesas TF-M Application Note
Application Note
Renesas RA Family
Using Trusted Firmware-M (TF-M) with FSP v2.0.3
Introduction
Arm® Platform Security Architecture (PSA) and PSA CertifiedTM are the next generation security specification
from Arm with certification support. Trusted Firmware-M (TF-M) is an open source collaboration which
implements the PSA specification for Arm Cortex
Trusted Firmware-M integrates with Renesas Flexible Software Package (FSP) to support PSA specification
implementation on the Renesas RA Family MCU groups. A working demonstration of firmware updates is
also included in this application project.
The software project provided in this application project is based on FSP 2.0.3 and EK-RA6M4, as per the
PSA Certified Level 2 FSP version. Subsequent FSP releases will continue to remain aligned with TF-M
updates.
For more in-depth knowledge on PSA and TF-M, user is encouraged to learn from the Arm PSA and TF-M
relevant links provided in the Reference section.
Required Resources
Development Tools and Software
• The e
• Renesas Flex Software Package (FSP) v2.0.3
• SEGGER J-link® USB driver
• Python 3.8 - https://www.python.org/downloads/
2
studio ISDE v2020-10
The above three software components: the FSP, J-Link USB drivers and e
downloadable platform installer available on the FSP webpage at renesas.com/ra/fsp
®
-M MCU groups. This application project introduces how
2
studio are bundled in a
Hardware
• EK-RA6M4, Evaluation Kit for RA6M4 MCU Group (http://www.renesas.com/ra/ek-ra6m4
• Workstation running Wind ows® 10; the Tera Term console, or similar application
• Two USB device cables (type-A male to micro-B male)
)
Prerequisites and Intended Audience
This application project assumes you have some experience with the Renesas e2 studio ISDE and FSP.
Before you perform the procedures in this application note, follow the FSP User’s Manual
Blinky project. Prior knowledge of PSA and TF-M is helpful. Prior knowledge on Python usage is helpful. The
intended audience are users who are interested in using TF-M with Renesas FSP package.
to build and run the
R11AN0493EU0100 Rev.1.00 Page 1 of 33
Mar.4.21
Renesas RA Family Using Trusted Firmware-M (TF-M) with FSP v2.0.3
Contents
1. Arm® Platform Security Architecture and Trusted Firmware-M ................................................. 3
1.1 Why Arm Platform Security Architecture (PSA) ...................................................................................... 3
1.2 PSA CertifiedTM ........................................................................................................................................ 4
1.3 Trusted Firmware-M Proj ect .................................................................................................................... 5
1.3.1 Trusted Firmware-M as an Implementatio n of the PSA Specif icat io n ................................................... 5
1.3.2 History of TF-M/TF-A ............................................................................................................................. 6
1.3.3 TF-M Provides Secure World Services for the PSA RoT Use Case of TrustZone ............................... 6
TM
2. PSA Certified
2.1 Introduction to the PSA Isolation Level 2 ................................................................................................ 8
2.2 Testing of PSA Level 2 Implementati on .................................................................................................. 9
2.3 Certification of PSA CertifiedTM Level 2 with TF-M .................................................................................. 9
3. Using TFM V1.1 with FSP v2.0.3 ........................................................................................... 10
3.1 Using the TF-M Bootloader and Debug the Skeleton Projects ............................................................. 10
3.2 Debugging the Projects ......................................................................................................................... 13
Level 2 ........................................................................................................... 7
3.3 Making the Bootloader Immutable ......................................................................................................... 20
3.4 Device Lifecycle Management – Disabl ing the Deb ug and Fact or y Progra mm ing Interfaces .............. 22
3.5 Customizing a Renesas TF-M Implementation for an End Product ...................................................... 25
4. Example Project for Firmware Update ................................................................................... 27
4.1 Import and Download the Example Firmware Update Project .............................................................. 27
4.2 Running the Example Firmware Downloader Application ..................................................................... 27
5. References ............................................................................................................................ 31
6. Website and Support ............................................................................................................. 32
Revision History ............................................................................................................................ 33
Notice ............................................................................................................................................. 1
R11AN0493EU0100 Rev.1.00 Page 2 of 33
Mar.4.21
Renesas RA Family Using Trusted Firmware-M (TF-M) with FSP v2.0.3
1. Arm® Platform Security Architecture and Trusted Firmware-M
1.1 Why Arm Platform Security Architecture (PSA)
Arm Platform Security Architecture (PSA) offers a framework for securing connected devices with a matching
evaluation scheme to check that security has been implemented correctly. Following are some PSA features
that a customer can benefit from for their security design.
• Build on a Common Foundation
Arm PSA offers a holistic set of MCU and firmware architectural specifications to guide customer
design and ens ures IoT secur ity c ommon foundation. Arm PSA ensures your device security is
based on a common foundation, supported by the Arm ecosystem with a complete set of specifications
guiding customers through the design and evaluation process. Below are the group of specifications.
1. PSA Security Model [PSA-SM] – Foundational trust models and patterns.
2. Factory Initialization [PSA-FI] – Requirements for initial secure device pr ogra mming
and configuration (yet to be available at the time of release of this Application Project).
3. Trusted Base System Architecture [TBSA-M] – Hardware platform requirements.
4. Trusted Boot and Firmware Update [TBFU].
5. Firmware Framework [PSA-FF] – Firmware interface definition of a Secure Processing.
6. Environment (SPE) for constrained IoT platforms, including PSA Root of Trust APIs.
7. Developer APIs – Interfaces to security services for application developers.
These PSA specifications greatly simplify the process of evaluating IoT devices against security standards.
For more details of the PSA Trusted Based System Architecture and Firmware Framework specifications,
please visit the Arm P SA websites here:
https://developer.arm.com/architectures/security-architectures/platform-security-architecture
• Reduce Costs and Time
Arm PSA reduces cost and complexity of software development for ecosystem partners by facilitating re-use,
improving interoperability, and minimizing API fragmentation.
The PSA Functional APIs define the foundations on which security services are built, allowing devices to be
secure by design. These APIs provide a consistent developer experience for RTOS and software developers
ensuring interoperability across different hardware implementations of the Root of Trust.
PSA also reduces cost of security and complexity for SoC designers– by leveraging from the primitives
offered by the PSA.
• Increase Confidence
PSA Certified
of security, and to help developers and customers trust that they can achieve the level of security they need.
By working with leading test labs, PSA Certified provides multi-level assurance for devices, depending on the
security requirements established through analysis of threats for a specific use case. Certifying your device
with independent security testing provides trust in the deployment of IoT at scale, drastically increasing
customer confidence.
TM
enables IoT chipsets and devices to be tested in laboratory conditions, to evaluate their level
R11AN0493EU0100 Rev.1.00 Page 3 of 33
Mar.4.21
Renesas RA Family Using Trusted Firmware-M (TF-M) with FSP v2.0.3
1.2 PSA CertifiedTM
PSA Certified program methodically uses IoT threat models, security goals and industry best practices to
provide free access to world-leading security expertise. The following image is from pascertifed.org which
shows some of the aspects PSA Certified test for in terms of system security.
Figure 1. Security Considerations
Standardized security considerations become more important with the increase in security breaches, system
complexity, as well as IoT device connectivity. PSA Certified is intended to give consumer device
manufacturers confidence that their products follow good security practices as being outlined by these
specifications.
There are three PSA Certification Levels.
• PSA Certified Level 1 is a concise set of methodically developed requirements that builds a foundation
of security for the IoT. This foundation is essential since most IoT attacks exploit the most basic
vulnerabilities. PSA Certified Level 1 aligns with key government requirement to ensure global
applicability and showcase security best practice. Renesas Synergy S5 Cortex-M4 MCU Groups, RA
Family RA6 Series Cortex-M4 and RA4/RA6 Cortex-CM33 MCU Groups are PSA Level 1 Certified.
• PSA Certified Level 2 provides a laboratory evaluation of a PSA Root of Trust (PSA-RoT) to provide
evidence that it can protect against scalable software attacks.
Renesas Cortex-M33 RA6M4 MCU Group with FSP v2.0.3 is PSA Certified Level 2.
PSA Functional API certification is a prerequisite of PSA Certified Level 2.
FSP 2.0.3 is PSA Functional API certified.
https://www.psacertified.org/products/ra6m4/
R11AN0493EU0100 Rev.1.00 Page 4 of 33
Mar.4.21
Renesas RA Family Using Trusted Firmware-M (TF-M) with FSP v2.0.3
Figure 2. Renesas RA6M4 MCU Group with FSP 2.03 is PSA CertifiedTM Level 2
• PSA Certified Level 3 is currently under development, PSA Certified Level 3 will provide laboratory
assessment of IoT chips with substantial security capabilities.
For more details on the PSA Certified Governing Scheme, please visit
https://www.psacertified.org/getting-certified/silicon-vendor/overview/
.
1.3 Trusted Firmware-M Project
Trusted Firmware-M (TF-M) provides reference implementation of secure world software to implement
threat protections defined in common use cases. TF-M is based on the PSA Firmware Framework
specification and provides the reference implementation of the PSA Functional APIs.
1.3.1 Trusted Firmware-M as an Implementation of the PSA Specification
TF-M is the platform security architecture reference implementation aligning with PSA Certified guidelines,
enabling chips, Real Time Operating Systems and devices to become PSA Certified.
Trusted Firmware-M (TF-M) is being deve lop ed as an Open Sourc e pr ojec t under an Open Governance
Model, learn more at Trusted F irmw are: open sourc e S ecure wor ld s oftwar e
TF-M provides a Trusted Execution Environment (TEE) for Arm® v7-M and v8-M devices. For Arm v8-M
devices, TF-M leverages Arm TrustZone technology, and is the reference implementation of platform security
architecture aligning with PSA Certified guidelines.
.
Being a platinum board member, Renesas influences the mission and strategy of the TF-M project.
R11AN0493EU0100 Rev.1.00 Page 5 of 33
Mar.4.21
Renesas RA Family Using Trusted Firmware-M (TF-M) with FSP v2.0.3
Trusted Firmware-M consists of:
• Secure Boot to authenticate integrity of Non-secur e Proc es sing Envir o nme nt (NSPE) and Secure
Processing Environment (SPE) images
• TF-M Core responsible for controlling the isolation, communication and execution within SPE and with
NSPE
• Cryptography, Internal Trusted Storage (ITS), Protected Storage (PS), and Attestation secure services.
Figure 3. TF-M Architecture
For future TF-M development road map, please refer to
https://developer.trustedfirmware.org/w/tf_m/planning/
.
1.3.2 History of TF-M/TF-A
Arm® Trusted Firmware provides a reference implementation of secure world software. Originally designed
and implemented for Cortex -A devices, Trusted Firmware-M forms the foundations of a Secure Processing
Environment (SPE) on Cortex-M devices. TF-M code is the preferred implementation of Arm specifications,
allowing quick and easy porting to modern chips and platforms.
1.3.3 TF-M Provides Secure World Services for the PSA RoT Use Case of TrustZone
As shown in Figure 3, the PSA RoT includes the following elements:
• MCU hardware level Immutable Unique Keys (reflected in the TBSA-M Hardware block)
• TF-M Secure Partition Manager, IPC and Interru pt Handling
• Secure Boot
• PSA ITS API, Crypto API and Attestation API
The secure world services provide PSA RoT use cases for the applications.
R11AN0493EU0100 Rev.1.00 Page 6 of 33
Mar.4.21
Renesas RA Family Using Trusted Firmware-M (TF-M) with FSP v2.0.3
2. PSA CertifiedTM Level 2
The following architecture diagram shows the scope of PSA Certified Level 2 evaluation.
Figure 4. Scope of PSA Certified Level 2
R11AN0493EU0100 Rev.1.00 Page 7 of 33
Mar.4.21
Renesas RA Family Using Trusted Firmware-M (TF-M) with FSP v2.0.3
2.1 Introduction to the PSA Isolation Level 2
There are three PSA isolation levels as shown in Figure 5. Note that in general, PSA Isolation Levels are
independent of PSA Certification Level requirements.
PSA Isolation Level 1 requires isolation of the Secure Processing Environ me nt ( SPE) from the rest of the
system. Isolation Level 1 or greater is required for PSA Certified Level 1.
PSA Isolation Level 2 requires isolation of PSA RoT from the rest of the secure partitions within the SPE.
Isolation Level 2 or greater is required for PSA Certified Level 2.
PSA Isolation Level 3 requires isolation of all secure partitions from each other.
Figure 5. PSA Isolation Scheme
R11AN0493EU0100 Rev.1.00 Page 8 of 33
Mar.4.21
Renesas RA Family Using Trusted Firmware-M (TF-M) with FSP v2.0.3
2.2 T esting of P SA Level 2 Implementation
Evaluation Labs use vulnerability analysis and penetration testing of the PSA-RoT to confirm if the nine
security requirements of the PSA-RoT Protection Profile have been addressed by the Target of Evaluation.
These nine security requirements, that is, security functions, as defined in the PSA-RoT Lightweight
Protection Profile are:
• Initialization
• Software Isolation
• Secure Storage
• Firmware Update
• Secure State
• Crypto
• Attestation
• Audit
• Debug
There are seven injected threats for the evaluation of the system for PSA Level 2 Certification:
• Remote attacks
• Data injection
• Rogue code execution
• Cryptographic attacks
• RNG
• Brute force
• Side-channel
• Physical attacks
• Probing
• Perturbation
For details on the definition of the security requirement, threat model and step by step guidance on PSA
Certified Level 2, please reference the PSA Certified webpage:
https://www.psacertified.org/development-resources/certification-resources/
2.3 Certification of PSA CertifiedTM Level 2 with TF-M
The Renesas RA MCU RA6M4 MCU Group is PSA Certified Level 2 using FSP v2.0.3 with integrated TF-M
v1.1.
R11AN0493EU0100 Rev.1.00 Page 9 of 33
Mar.4.21
Renesas RA Family Using Trusted Firmware-M (TF-M) with FSP v2.0.3
3. Using TFM V1.1 with FSP v2.0.3
Please use the following sections to exercise the TF-M usage with FSP 2.03. The Bootloader will be brought
into the project with a pair of secure and non-secure projects. The debug methodology, secure region
configuration as well as provisioning steps are explained to allow the user to customize the projects.
3.1 Using the TF-M Bootloader and Debug the Skeleton Projects
The skeleton project package Using_TFM_with_FSP_v203_EK_RA6M4.zip includes the TF-M
Bootloader project, initial secure and non-secure projects.
User can use this package as a starting point to debug and customize secure and non-secure applications
following section 3.2. Once the secure and non-secure app licat ion developments are finished, user can
proceed with locking of the Bootloader following the steps explained in section 3.3 and subsequently disable
the debug and serial programming interface following the s teps expla in ed in sect i on 3.4.
1. Install the FSP v2.0.0 platform installer as well as FSP v2.0.3, Python and SEGGER J-Link tools. J-Link
version v6.86 and later should be used.
2. Open e
2
studio and select a suitable folder for the workspace that will contain the projects.
Figure 6. Open the Workspace
3. Click Launch and Apply on the Logging/Reporting dialog if it is shown.
Figure 7. Click “Apply”
R11AN0493EU0100 Rev.1.00 Page 10 of 33
Mar.4.21
Renesas RA Family Using Trusted Firmware-M (TF-M) with FSP v2.0.3
4. Close the Welcome tab if shown.
5. We will now import the 3 supplied projects into the workspace. Select File -> Import…
6. Expand General and select Existing Projects into Workspace.
Figure 8. Import Existing Projects
7. Enable the Select archive f ile radio button.
Figure 9. Select the Archive File
R11AN0493EU0100 Rev.1.00 Page 11 of 33
Mar.4.21
Loading...