# IoT Reference Integration for Arm Corstone-3xx with CMSIS-RTOS2 ## Introduction This reference integration demonstrates how to develop cloud connected applications and update them securely by integrating [CMSIS-FreeRTOS](https://arm-software.github.io/CMSIS-FreeRTOS/main/index.html) ([FreeRTOS kernel](https://www.freertos.org/RTOS.html) with a [CMSIS-RTOSv2](https://arm-software.github.io/CMSIS_5/RTOS2/html/index.html) compatibility layer), and utilizing hardware enforced security based on [Arm TrustZone (Armv8-M)](https://www.arm.com/architecture/learn-the-architecture/m-profile). To utilize the hardware enforced security, this integration uses PSA Certified reference implementation [Trusted Firmware-M](https://www.trustedfirmware.org/projects/tf-m/). Trusted Firmware-M provides various Secure services such as Secure boot, Crypto, Secure Storage, Attestation and Update services meeting [PSA Certified requirements](https://www.psacertified.org/blog/psa-certified-10-security-goals-explained/). Developers and partners can use this integration as a starting point to build CMSIS-FreeRTOS based software stack on top of Arm Cortex-M based platforms. All the components are put together in a modular manner to make porting of this integration across platforms easy. ## Architecture The following diagram illustrates the architecture of the CMSIS-RTOS2 FRI project. ![diagram](./docs/images/diagram.png "Diagram") The Secure services provided by Trusted Firmware-M can be seen on the right-hand side of the image. These include Crypto, Attestation and Secure Storage. It also provides secure boot via a bootloader (MCUboot). The Secure Partition Manager (SPM) in Trusted Firmware-M provides the runtime for Secure services. On the left-hand side, the Non-secure software stack is shown. This includes the FreeRTOS kernel with a CMSIS-RTOSv2 compatibility layer. These two layers are packaged together as one component called CMSIS-FreeRTOS. The Blinky example, which uses CMSIS-RTOSv2 APIs, can be seen above these two layers. FreeRTOS tasks can utilise Trusted Firmware-M secure services via the PSA functional APIs. ## Supported Targets Arm Corstone-3xx targets include an example subsystem based on the Cortex-M CPU and Ethos NPU, alongside a range of other components in a scalable and flexible reference package. This enables designers to build secure, AI-capable SoCs faster. Arm's [Fixed Virtual Platform](https://www.arm.com/products/development-tools/simulation/fixed-virtual-platforms) is used to run the application artefacts. The [currently released version <11.24.22>](https://developer.arm.com/downloads/-/arm-ecosystem-fvps) of FVP is supported by the CMSIS-RTOS2 FRI project. * [Corstone-315](https://developer.arm.com/Processors/Corstone-315) * Arm Cortex-M85 CPU, Ethos-U65 NPU and Mali-C55 ISP * [Corstone-310](https://developer.arm.com/Processors/Corstone-310) * Arm Cortex-M85 CPU and Ethos-U55 NPU * [Corstone-300](https://developer.arm.com/Processors/Corstone-300) * Arm Cortex-M55 CPU and Ethos-U55 NPU ## Supported Toolchains * Arm GNU Toolchain (arm-none-eabi-gcc) * Arm Compiler for Embedded (armclang) > Note: The build script `./tools/scripts/build.sh` assumes `Arm GNU Toolchain (arm-none-eabi-gcc)` by default, append the extra option `--toolchain ARMCLANG` to build using Arm Compiler for Embedded Toolchain. ## Project organisation The [document](docs/project_organisation.md) describes the organistation of the project in detail. ## Examples This reference integration contains the following example: * [Blinky example](docs/applications/blinky.md) * Demonstrates CMSIS-FreeRTOS and TF-M integration ## Software Components ### Fetching Generally all the components used within the CMSIS-RTOS2 FRI project are fetched using `git submodules` from their official repositories into `components/` directory. Exact location and the version are recorded in the [manifest.yml](manifest.yml). ### Trusted Firmware-M Trusted Firmware-M (TF-M) implements the Secure Processing Environment (SPE) for Armv8-M, Armv8.1-M architectures (e.g. the Cortex-M33, Cortex-M23, Cortex-M55, Cortex-M85 processors) and dual-core platforms. It is the platform security architecture reference implementation aligning with PSA Certified guidelines, enabling chips, Real Time Operating Systems and devices to become PSA Certified. Follow the [link](https://tf-m-user-guide.trustedfirmware.org/introduction/readme.html) for more information on Trusted Firmware-M. To have a better overview of how Trusted Firmware-M is integrated with the CMSIS-RTOS2 FRI project, you're kindly asked to check [Trusted Firmware-M component document](docs/components/trusted_firmware-m/trusted_firmware-m.md) ## License Source code located in the *applications* directory is available under the terms of the MIT License. See the [LICENSE](./LICENSE) file for more details. Other files in the repository are available under the terms specified in each source file.