Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
# IoT Reference Integration for Arm Corstone-3xx with CMSIS-RTOS2
## Introduction
This reference integration demonstrates how to develop cloud connected
applications and update them securely by integrating
[CMSIS-FreeRTOS](https://arm-software.github.io/CMSIS-FreeRTOS/main/index.html)
([FreeRTOS kernel](https://www.freertos.org/RTOS.html) with a
[CMSIS-RTOSv2](https://arm-software.github.io/CMSIS_5/RTOS2/html/index.html) compatibility layer),
and utilizing hardware enforced security based on [Arm TrustZone (Armv8-M)](https://www.arm.com/architecture/learn-the-architecture/m-profile).
To utilize the hardware enforced security, this integration uses PSA Certified
reference implementation [Trusted Firmware-M](https://www.trustedfirmware.org/projects/tf-m/).
Trusted Firmware-M provides various Secure services such as Secure boot, Crypto, Secure Storage,
Attestation and Update services meeting [PSA Certified requirements](https://www.psacertified.org/blog/psa-certified-10-security-goals-explained/).
Developers and partners can use this integration as a starting point to build
CMSIS-FreeRTOS based software stack on top of Arm Cortex-M based
platforms. All the components are put together in a modular manner to make
porting of this integration across platforms easy.
## Architecture
The following diagram illustrates the architecture of the CMSIS-RTOS2 FRI project.
The Secure services provided by Trusted Firmware-M can be seen on the
right-hand side of the image. These include Crypto, Attestation and Secure
Storage. It also provides secure boot via a bootloader (MCUboot). The Secure
Partition Manager (SPM) in Trusted Firmware-M provides the runtime for Secure
services.
On the left-hand side, the Non-secure software
stack is shown. This includes the FreeRTOS kernel with a CMSIS-RTOSv2
compatibility layer. These two layers are packaged together as one component
called CMSIS-FreeRTOS. The Blinky example, which uses CMSIS-RTOSv2 APIs, can be
seen above these two layers. FreeRTOS tasks can utilise Trusted Firmware-M
secure services via the PSA functional APIs.
## Supported Targets
Arm Corstone-3xx targets include an example subsystem based on the Cortex-M
CPU and Ethos NPU, alongside a range of other components in a scalable and
flexible reference package. This enables designers to build secure,
AI-capable SoCs faster.
Arm's [Fixed Virtual Platform](https://www.arm.com/products/development-tools/simulation/fixed-virtual-platforms)
is used to run the application artefacts.
The [currently released version <11.24.22>](https://developer.arm.com/downloads/-/arm-ecosystem-fvps)
of FVP is supported by the CMSIS-RTOS2 FRI project.
* [Corstone-315](https://developer.arm.com/Processors/Corstone-315)
* Arm Cortex-M85 CPU, Ethos-U65 NPU and Mali-C55 ISP
* [Corstone-310](https://developer.arm.com/Processors/Corstone-310)
* Arm Cortex-M85 CPU and Ethos-U55 NPU
* [Corstone-300](https://developer.arm.com/Processors/Corstone-300)
* Arm Cortex-M55 CPU and Ethos-U55 NPU
## Supported Toolchains
* Arm GNU Toolchain (arm-none-eabi-gcc)
## Project organisation
The [document](docs/project_organisation.md) describes the organistation of the project in detail.
## Examples
This reference integration contains the following example:
* [Blinky example](docs/applications/blinky.md)
* Demonstrates CMSIS-FreeRTOS and TF-M integration
## Software Components
### Fetching
Generally all the components used within the CMSIS-RTOS2 FRI project are fetched using `git submodules` from their official repositories into `components/` directory. Exact location and the version are recorded in the [manifest.yml](manifest.yml).
### Trusted Firmware-M
Trusted Firmware-M (TF-M) implements the Secure Processing Environment (SPE)
for Armv8-M, Armv8.1-M architectures (e.g. the Cortex-M33, Cortex-M23,
Cortex-M55, Cortex-M85 processors) and dual-core platforms. It is the platform
security architecture reference implementation aligning with PSA Certified
guidelines, enabling chips, Real Time Operating Systems and devices to become
PSA Certified. Follow the [link](https://tf-m-user-guide.trustedfirmware.org/introduction/readme.html)
for more information on Trusted Firmware-M. To have a better overview of how Trusted Firmware-M is integrated with the CMSIS-RTOS2 FRI project, you're kindly asked to check [Trusted Firmware-M component document](docs/components/trusted_firmware-m/trusted_firmware-m.md)
## License
Source code located in the *applications* directory is
available under the terms of the MIT License. See the [LICENSE](./LICENSE) file
for more details.
Other files in the repository are available under the terms specified in each
source file.