# Open IoT SDK

## License and contributions

The software is provided under the [Apache-2.0 license](LICENSE-apache-2.0.txt). All contributions to software and documents are licensed by contributors under the same license model as the software/document itself (ie. inbound == outbound licensing). Open IoT SDK may reuse software already licensed under another license, provided the license is permissive in nature and compatible with Apache v2.0.

Folders containing files under different permissive license than Apache 2.0 are listed in the [LICENSE](LICENSE.md) file.

To report a security vulnerability, please send an email to the security team at arm-security@arm.com.

For any other contribution, please see [CONTRIBUTING.md](CONTRIBUTING.md) for more information.

## Overview

The Open IoT SDK is a collection of software that has been tested to work well
together. The primary value delivered by the SDK is in making available a set
of components that integrate without conflict, easing the development of IoT
applications. The SDK also provides a few simple examples demonstrating how to
use the included components in a few example configurations.

The `components` directory contains all components that comprise the Open IoT
SDK. Some of the external repositories contain multiple components. The SDK
ships with CMake files to help make consumption of its components more
straightforward than using the components directly.

`components/`
- `CMSIS_5/`
- `FreeRTOS-Kernel/`
- `MCU-Driver-HAL/`
- `ML-embedded-evaluation-kit/`
- `NimBLE/` - in-progress
- `Storage/`
    - `littlefs/`
- `TF-M/`
- `TinyUSB/` - in-progress

## Security issues reporting

If you find any security vulnerabilities, please do not report it in the GitLab issue tracker. Instead, send an email to the security team at arm-security@arm.com stating that you may have found a security vulnerability in the Open IoT SDK.

More details can be found at [Arm Developer website](https://developer.arm.com/support/arm-security-updates/report-security-vulnerabilities).