1Glossary 2======== 3 4This glossary provides definitions for terms and abbreviations used in the Trusted Services documentation. 5 6You can find additional definitions in the `Arm Glossary`_. 7 8.. glossary:: 9 :sorted: 10 11 TF-A 12 Trusted Firmware-A 13 14 TS 15 Trusted Services 16 17 C identifier like string 18 A name which uses only alphanumeric characters and underscores and the first character is not a digit. 19 20 LCS 21 `Linux Coding Style`_ 22 23 ACLE 24 `Arm C language extensions`_ 25 26 PSA 27 `Platforn Security Arhitecture`_ 28 29 FF-A 30 `Firmware Framework for A`_ 31 32 Normal World 33 The rich execution environment running the "business logic" of the device. NWd is separated by hardware 34 technology (e.g. see :term:`TrustZone`) from components which are managing sensitive information. See 35 :term:`Secure World`. 36 37 NWd 38 See :term:`Normal World`. 39 40 Secure World 41 Hardware isolated execution environment executing specially crafted software managing sensitive data. On Arm 42 devices :term:`TrustZone` technology can be used to implement the needed isolation. 43 44 SWd 45 See :term:`Secure World`. 46 47 TEE 48 Trusted Execution Environment. An SPE implemented using TrustZone. 49 50 TrustZone 51 Hardware assisted isolation technology built into arm CPUs. See `TrustZone for Cortex-A`_. 52 53 SPE 54 See :term:`Secure Processing Environment`. 55 56 Secure Processing Environment 57 An isolated environment to execute software images backed by a specific set of hardware and arm architecture 58 features. The aim of isolation is to protect sensitive workloads and their assets. 59 60 SP 61 see :term:`Secure Partition` 62 63 Secure Partition 64 Secure Partition is a compartment to execute a software image isolated from other images. Isolation can be logical 65 or physical based on if physical address range isolation is involved or not. See :term:`Physical SP` and :term:`Logical SP`. 66 67 An SP may host a single or multiple services. 68 69 Physical SP 70 A Secure Partition which executes a software image in and isolated physical address space. 71 72 Logical SP 73 A Secure Partition which executes a software image isolated buy without physical address space isolation. 74 75 SPM 76 See :term:`Secure Partition Manager`. 77 78 Secure Partition Manager 79 A component responsible for creating and managing the physical isolation boundary of an :term:`SP` in the SWd. It 80 is built from two sub-components the :term:`Secure Partition Manager Dispatcher` and the 81 :term:`Secure Partition Manager Core`. 82 83 Secure Partition Manager Dispatcher 84 The SPM component responsible for SPMC initialization boot-time, and forwarding FF-A calls run-time between SPs 85 and between SPs and the SPMC. 86 87 Secure Partition Manager Core 88 A component responsible for SP initialization and isolation at boot-time, inter partition isolation at run-time, 89 inter-partition communication at run-time. 90 91 Secure Enclave 92 An isolated hardware subsystem focusing on security related operations. The subsystem may include hardware 93 peripherals and one or more processing elements. As an example see the `Arm SSE-700`_ subsystem. 94 95-------------- 96 97.. _`Arm Glossary`: https://developer.arm.com/documentation/aeg0014 98.. _`Linux Coding Style`: https://www.kernel.org/doc/html/v4.10/process/coding-style.html 99.. _`Arm C language extensions`: https://developer.arm.com/documentation/101028/0012/?lang=en 100.. _`Platforn Security Arhitecture`: https://developer.arm.com/architectures/security-architectures/platform-security-architecture 101.. _`Firmware Framework for A`: https://developer.arm.com/docs/den0077/latest 102.. _`TrustZone for Cortex-A`: https://www.arm.com/technologies/trustzone-for-cortex-a 103.. _`Arm SSE-700`: https://developer.arm.com/documentation/101418/0100/Overview/About-SSE-700 104 105*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.* 106 107SPDX-License-Identifier: BSD-3-Clause 108