Hi All,
Please find the minutes from yesterday's meeting below.
Please let me know if any questions
Best regards,
Don - *Sent on behalf to the TSC Chairs*
*==================================*
*Attendees*: Antonio De Angelis(Arm), David Brown(Linaro), Don,
Kangkang(FutureWei), Kevin Oerton(NXMLabs), Anton Komlev(Arm), Dan
Handley(Arm), Julius Werner(Google), Andrej Butok(NXP), Lionel
Debieve(ST), Eric
Finco(ST), Michael T(Renesas)
*Minutes*:
-
Don: Quorum reached
-
Dan: Welcome to Antonio (online) - taking on Abhishek’s role.
-
Dan: Interested in chairing this call since transitioning?
-
If interested, let Don know on the side and we can propose the change.
-
Kevin: For continuity, it seems a good thing to have an Arm rep
chairing. Substitutions if the Arm rep can’t attend would be more
effective.
-
Dan will chair
-
MBed TLS Github location. Currently under Github and currently being
transitioned. Plan is to move to TF.org account. Maintainers are having
2nd thoughts. If repos are put in the organization account, Github is
flat, so sometimes hard to map multiple repos to one project. Access
control is also a concern. So plan to create a separate MBed TLS github
account.
-
David: Is the mbed-tls available?
-
Dan: Yes we have it
-
Dan: Will run by the board
-
Eric: Just MBed TLS or all projects?
-
Dan: Separate accounts provide some healthy autonomy. Some are
blocked by reviews - Hafnium and TF-A use Gerrit for reviews.
Some tooling
helps with this but hasn’t been progressing.
-
No objections from TSC
-
Kevin: Breaking up to individual accounts makes sense, could have
“cross-pointers” to all other accounts in each one. Can use Github for
discussions integrated into Github
-
Dan: Good point, and can use github wiki and other features if not a
“shared” project.
-
Kevin - Lightning talk recorded here:
-
https://linaro-org.zoom.us/rec/share/dN_VrMIH6jjBYEbYf9DYO_oBhAqeHp2BAyCTZA…
-
Passcode: Tid4xb8&
-
Don: Survey to TSC and Board? Thoughts?
-
Consensus wan that both may be valuable.
-
Could help to answer Dan’s question on the direction of the TSC
-
Next month topics:
-
Dan: Restarting roadmap presentations thru each project starting with
TF-M next month.
Hi TSC members
Just forwarding the below info to you too FYI
Dan.
From: Don Harbin via Board <board(a)lists.trustedfirmware.org>
Sent: 13 January 2022 00:11
To: board(a)lists.trustedfirmware.org
Subject: [Board] FYI - Upcoming session at FOSDEM (Feb 5 & 6) and more
Hi,
I hope this note finds you all well.
FOSDEM<https://fosdem.org/2022/>(Free and Open-source Software Developers' European Meeting) is coming up in early February, and we wanted to let you all know that a session will be presented entitled "Arm CCA enablement through the Trusted Firmware community project" by Charles Garcia-Tobin and our own Matteo Carlini. :) Session details can be found here<https://fosdem.org/2022/schedule/event/tee_arm_cca/>.
I'll also mention a couple of other items:
* Linaro is hosting a free 2-hour technical training session entitled "Kernel Debug Stories for Arm" on February 8th and 15th. Three slots are provided to help find a session that's time-zone friendly. Further details and registration can be found here<https://www.linaro.org/events/kernel-debug-stories-for-arm-linaro-connect-t…>. Feel free to share with any devs on your teams that may find it of interest
* A white paper from Linaro many of you may enjoy called "Confidential AI for MCUs" has been garnering lots of interest, so I wanted to share it. It can be downloaded here<https://www.linaro.org/iot-and-embedded> if interested.
If you have any questions, please feel free to reach out to me.
Thanks and best regards,
Don
Hi all
Can you please let me know if you have any topics for tomorrow's TSC meeting? So far I have:
* Change in Arm TSC representation and chair (see separate mail)
* Proposal for migrating Mbed TLS GitHub location
* Perhaps also revisit the wider TF.org GitHub presence
* Lightning talk on NXM usage of TF. Kevin - are you ready to do this?
* Identify any future lightning talks
Regards
Dan.
Hi All,
FYI, per Shebu, I'm adding both mbed-tls(a)lists.trustedfirmware.org and
psa-crypto(a)lists.trustedfirmware.org to the MBed TLS Tech Forum invites.
Please look for this in your inbox and accept it if you would like the
series added to your calendar.
- Note that this is a monthly meeting but you will see two invites, one
that is for Asia timezones and one for Europe/US. Just delete the series
that isn't timezone friendly for you.
- FYI, recall that this and other tech forums can be found in the meeting
calendar on the TF website <https://www.trustedfirmware.org/meetings/>.
If you see a meeting in that calendar, click on the entry and an option
comes up saying "copy to my calendar." It will import that single instance
into your personal calendar from there if you wish. I wasn't able to test
this feature with outlook, but it worked fine for google calendar.
Please let me know if you have any questions.
Best regards,
Don Harbin
TrustedFirmware Community Manager
don.harbin(a)linaro.org
Hi Abhishek, TSC representatives,
We're doing some changes when it comes to the Linaro TF TSC representatives.
- I'm stepping out (but I'm still around in Linaro).
- David Brown becomes the main Linaro TF TSC rep.
- Ruchika Gupta steps in as the backfill for David when he is unable to
attend.
Please update mailing-lists and meeting invitations etc accordingly.
Regards,
Joakim
Hi All,
Please find the minutes from this morning's meeting below.
Also, find attached Ruchika's presentation.
Best regards
Don Harbin - Sent on behalf of the TSC Chair
=================================================
Attendees: Don, Kevin Townsend(Linaro), Ruchika Gupta(Linaro), Julius
Werner(Google), Miklos Balint, David Brown(Linaro), Joakim Bech(Linaro),
Gyorgy Szing, Kangkang Shen(Futurewei), Abhishek Pandit(Arm), Lionel
DEBIEVE(ST),
Konstantin Karasev(OMP), Andrej Butok(NXP), Matteo, Kevin Oerton(NXM Labs)
Minutes:
-
OP-TEE Roadmap: Ruchika - Linaro Security Working Group Tech Lead
-
GET SLIDES
-
Reviewed Focus areas
-
OP-TEE and Virtualization
-
Functional Safety Updates
-
Proposal of task ownership shown
-
Share H/W resources
-
Roadmap - Details
-
Note the Jira Tickets are public and accessible by the team
-
Ruchika provided a brief overview of Stratos
<https://www.linaro.org/projects/#automotive_STR> (Linaro driven
Virtualization Project) and TS
<https://www.linaro.org/projects/#trusted-substrate_TS>(Linaro driven
Trusted Substrate project).
-
KK: Re: Trusted Substrate - it’s a platform to support
firmware-level security features. Related to SOAFEE. Edge focused
-
Abhishek: Partner Lightning Talks - round robin usage of TF
-
Interest in lightning talks and sharing how their company is using
the output of TF.org, one Member share monthly in this meeting.
-
Will push out the vote for doing this.
-
KO: Initial target is to start in December?
-
AP: Suggest starting in January
-
KO: Will talk thru email, but pencil in Kevin for January
<end>
Hi All,
Sorry a bit late for this week's meeting. We have -
* OPTEE roadmap presentation. (Please note that meeting has been moved 2 hours earlier.)
* Revisit - lightning talks proposal?
*
Any other agenda suggestions?
Thanks,
Abhishek
Hi All,
Please find the minutes from yesterday's TSC Tech Form below.
Best regards,
Don - Sent on behalf of the TSC Chair
==============================================
Attendees: Joakim Bech(Linaro), Don, Abhishek Pandit(Arm), Anton Komlev
<Anton.Komlev(a)arm.com>(Arm), Dan Handley(Arm), Kevin Oerton(NXM Labs),
David Brown(Linaro), Julius Werner <jwerner(a)google.com>(Google), Andrej
Butok(NXP), Eric Finco(ST), Michael T(Renesas)
Minutes:
-
Security Incident Reporting Review
-
Reference Joakims email thread
-
Joakim shared the background. Working to simplify. Walked thru a
sample incident process spreadsheet.
-
DB: How consistent in alerting additional Stakeholders?
-
Joakim: reference Phabricator page to answer the question.
-
Joakim: Process requires discipline. Shared checklist.
-
Each issue would have its own checklist.
-
KO: Looks good and provides the picture we need
-
KO: Why manual process?
-
JB: See checklist - must add dates
-
DanH: New tab for each checklist may be hard to sustain.
-
KO: Automation would be nice
-
AP: What is this solving?
-
KO: From Technical oversight, this provides a high-level view of
security robustness and responsiveness to issues. May be a
useful mgt tool
to understand security state and velocity is sufficient.
-
DB: With Zephyr, a checklist for each issue has caught things that
would have been missed, like publishing to MITRE.
-
DanH, AP: Agree checklists seem useful.
-
AP: Doesn’t include effort. What metric is needed?
-
DB: Need a start and an end, which doesn’t happen in this.
-
MT: Renesas uses Jira. Excel is tough - not scalable and can’t export
-
AP: What is the use of date for each transition?
-
DB: Checklists, and states in Jira. Jira is not trivial either and
must be tuned when changes are made. Clickup or Airtable might be good
choices. Scriptable is helpful. Not free solutions.
-
KO: Air table is $60 / month. Development/maintenance is the real
cost.
-
DanH: Corner cases are abundant and can skew statistics.
-
DB: Current sheet is a report, the data is the dates.
-
AP: Only stats that matter is when Opened and When closed. If
lock-on purpose, then can decide what data is needed.
-
DB: On zephyr, patches are done by others rather than the security
team, which makes it difficult. What happens when a 3rd party comes in?
-
DanH: Could be a case but hasn’t happened.
-
Agreed to table this and discuss again in a month
-
Phabricator Deprecation:
-
Noted raised and not discussed. Will discuss later
-
TF-M Release cadence change
-
Anton: From 4 to 6 months. Minimizes overhead associated with
releases
-
KO: Keeping the window open allows better synchronization.
-
Anton: Each project is different. Smaller windows have a better
chance to overlap.
-
EF: How aligns w/ MCUBoot?
-
Anton: No formal plan there, we pick it up asap.
-
EF: 2 versions in a time window. Make sure MCUBoot release is done 6
weeks before, for example, so can be merged in
-
Anton: This aligns with the purpose of this proposal. TF-A also has 6
months schedule.
-
AP: MBed TLS starting open tech Forum.
-
AP: ADAC repo - top-level repo now available. Expect a tech talk in the
future
-
AP: Roadmap discussions: None this month as it was covered last month,
plan to do every month. If can have lightning talks from Member reps on
how they’re using TF.org projects and are public. Still deciding if useful
and how to organize?
-
KO: A sense of how this is getting leveraged is the ultimate end
goal. A google project w/ BOM is being tracked for security issues that
impact other projects.
-
AP: Feel free to provide Abhishek feedback outside this forum
-
AP: Funding approval for Open CI. All aware
-
DonH: FYI includes reduction of Community Mgr to 0.3 to maintain a
healthy surplus. Also, the majority votes are in and it has passed.
-
Joakim: Can now compile OP TEE TA’s in Rust
<end>
Hi All,
Any agenda suggestions for this week's meeting?
Couple of potential topics :
* Security incident monitoring
* Phabricator deprecation
Thanks,
Abhishek
