How to implement a custom service using a SPI interface on TF-M

Hi Sir/Madam, 

Our project needs to use TEE on nRF5340 which seems to be implemented by TF-M for now and future. After investigating the implementation, I didn't find a service sample that uses a peripheral from the secure world. Specifically, our project needs to get a SPI-wired biometric sensor managed by TEE environment. So far, I can't find either the nRF53's SPIM driver in TF-M's nRF53 platform or a custom service using the physical driver. Do you have an example similar to that or some suggestions how to achieve that? 

Thank you!

Jun Li @ Intel Corporation

Parents Reply
  • Hi Jun,

    CryptoCell is integrated with TF-M, via the nrf_security module. Here mbed TLS is used as a frontend, and CryptoCell is used for operations that are supported by it. TF-M again sits on top of this.

    You can see this with some SDK examples. If you run Cryptography samples on a device with CryptoCell, that will be used. And if you also build for non-secure on the nRF9160 or nRF5340, TF-M will be used.

    (Note TF-M support in general is experimental in nRF Connect SDK 1.6.x.)