The Mbed team are pleased to announce the release of Mbed OS 6.1, following fast on the heels of our 6.0 release.
A major feature we have introduced in this release aims to improve your experience with Arm’s Platform Security Architecture when used in conjunction with Mbed OS. Platform Security Architecture, or PSA, is an Arm- led framework for securing IoT devices. Arm has been working in close collaboration with a broader ecosystem to establish both a certification scheme, involving a number of test labs and security consultants, and to provide a reference software implementation of the PSA Root of Trust, via the Trusted Firmware project.
We first released support for PSA in Mbed OS back in our 5.12 release in March 2019. In a PSA system, the software stack is split between a Secure environment, where we strongly recommend the use of the reference TF-M (Trusted Firmware-M) software from the Trusted Firmware project, and the Non-secure environment, which is where Mbed OS is used. A series of PSA APIs enables communication between the two environments, ensuring device keys, credentials, cryptographic services, and other artefacts can be kept securely on a device.
In this release, we have implemented several changes to how we implement PSA in Mbed OS to better help you develop secure IoT devices
Firstly, we have modified how the Secure side software is integrated into the Mbed OS build, adding the option of building directly from TF-M, using their build tools. We also use the latest upstreamed release of TF-M for the PSA target, ensuring you get the latest stable released version in your device. An additional benefit this provides is that as new PSA services are added to TF-M, they will be easier to adopt and consume in Mbed as they will be available in the upstream TF-M implementation and accessible via the PSA APIs.
We have also changed the underlying use of PSA services so instead of using the Mbed storage stack beneath the PSA Secure Storage APIs, we now use the PSA Secure Storage implementation provided by TF-M, simplifying development and usage.
These changes do mean that existing PSA platforms that are supported in Mbed will need to migrate to use the new implementation, and we are working closely with our silicon partners to support them in this migration.
We believe that security is a fundamental component of any IoT device and we hope the changes we've released in Mbed 6.1 simplify how you develop and deploy secure devices.
Mbed OS 6.1 is available now using Mbed Studio and the Mbed Online Compiler, or directly on the Mbed GitHub repository. We hope you like it and we look forward to seeing the new and interesting products that it helps you create.
You need to log in to post a discussion