About this project

Trusted Substrate is an effort to provide software for secure connected devices. It does so by having a holistic view of the device and the software ecosystem. Starting from a SystemReady compliant firmware, booting an OS or an OS installer with UEFI and provisioning the device.

For the firmware, Linaro provides a meta-layer in OpenEmbedded aimed toward board makers who want to produce an Arm SystemReady compliant firmware and ensure consistent behavior, tamper protection and common features across platforms. In a nutshell, TrustedSubstrate is building firmware for devices which verifies the running software hasn’t been tampered with. It does so by utilizing a well-known set of standards.

• UEFI secure boot enabled by default UEFI Secure Boot is a verification mechanism for ensuring that code launched by a computer’s UEFI firmware is trusted. It is designed to protect a system against malicious code being loaded and executed early in the boot process before the operating system has been loaded.

• Measured boot. With a discrete or firmware-TPM, Measured Boot is a method where each of the software layers in the boot sequence of the device, measures the next layer in the execution order and extends the value in a designated TPM PCR. Measured boot further validates the boot process beyond Secure Boot.

• Dual banked firmware updates with rollback and bricking protection provides protection to the firmware update mechanism and shield the device against bricking as well as rollback attacks.

Apart from the firmware we are working on

• EFI HTTPs boot and FIDO secure device onboarding, to automate the OS installation and provisioning of IoT devices

• Standards participation

• Distro support, make sure that COTS distros work out of the box on embedded boards

Requirements and specifications

Trusted Substrate interfaces rely on a combination of existing standards:

• SystemReady DT compliance

• PSA Trusted Services

• Global Platform TEE compliance

• Firmware handoff

• A/B updates

The following diagram shows how Trusted Substrate can be seen from upper layers:

Open

The primary goal of the project is to upstream all necessary technologies in a number of open-source projects and Linux distros to seed SystemReady compliance. Linaro Edge group hardware as well as QEMU will be used as reference platforms for the development.

Development of Trusted Substrate is "feature orientated" rather than upstream project orientated. In other words, when a feature is planned, activities in relevant upstream projects is identified and monitored for completion as a whole. Each upstream project has its own roadmap that is not related to SystemReady compliance and is independent from other projects. So if you are evaluating what community to join, the decision criteria is whether your goal is holistic or just focused at an individual project.

Related Linaro software development  projects

The Trusted Substrate project covers a wide range of software components as stated above. To orchestrate engineering activities in manageable pieces, the development is split between the following projects (Trusted Substrate project leadership ensure coherency and completeness across projects):

• https://linaro.atlassian.net/wiki/spaces/LOC - while most OP-TEE activities related to SystemReady are guided by Dependable Boot, some long term changes such as Trusted Application lifecycle and distribution scenarios may actually be driven by this project.

• https://linaro.atlassian.net/wiki/spaces/YGAI - Generic Arm64 image contributions and testing for SystemReady

• https://linaro.atlassian.net/wiki/spaces/UBOOT - Generic U-Boot improvements and testing

Deliverables

Trusted Substrate project deliverables are upstream patches in many upstream projects. The development is driven by the Linaro projects as said above.

Upstream activity can be found in:

• meta-ts

• U-Boot, EDK2

• Trusted-Firmware A, OP-TEE

• Linux kernel

Firmware images for supported hardware are provided here.

Services

Linaro is evaluating the opportunity to create SystemReady and Trusted Substrate services such as:

• Board SystemReady DT readiness, i.e. making sure the board will pass SystemReady DT certification

• Include SystemReady DT CI/CD loops

• Collaborative maintenance of Trusted Substrate project

Should you want to have more information or more generally discuss any of the above, please contact us

Get Involved

• Mailing List

  • Linaro Boot Architecture mailing list subscription

  • Gitlab repos

  • Firmware Binaries

• Project membership for roadmap steering and resources allocation

  • Please contact us

• Board integration in CI

  • Please contact us

Meetings

This calendar is displayed using UTC timezone with no DST offsets.

Project Contacts

• Project lead: ilias.apalodimas@linaro.org

• Project manager: julianus.larson@linaro.org

Continuous integration

• Qemu