Frequently Asked Questions about Trusted Substrate (TS)

Is Trusted Substrate SystemReady IR compliant firmware?

Trusted Substrate exists in two flavours that build on their SystemReady counterparts, TrustedSubstrate-IR and TrustedSubstrate-ES:

  • The TrustedSubstrate-IR implementation is built on Trusted Firmware-A, OP-TEE and U-Boot, and uses Device Tree as the hardware description.

  • The TrustedSubstrate-ES implementation is built on EDK2 and OP-TEE, and uses ACPI as the hardware description (the main difference from typical datacenter firmware is the presence of OP-TEE). There are discussions about extending U-Boot to offer full ACPI support in this context.

Is Trusted Substrate SystemReady SBBR compliant firmware?

Currently no.

Only EDK2 has the breadth of ACPI and UEFI implementation to be compliant.

How is Trusted Substrate related to PSA certification?

PSA has APIs and a certification process. Certification does not require the use of the PSA APIs. PSA certification is about quality of implementation, verified by self-assessment for level 1 and by a lab for levels 2 and 3. For level 3 certification, hacking attempts are made in addition to some automated verifications.

So TS implements backends for many PSA APIs, as well as the FF-A interface (which defines a transport mechanism for PSA APIs).