AchimKraus Yea I was reading up on RPK. I have not used that… yet. Plenty use of signed certs and PSK.
I have found since the beginning that mbed had a ton of bloat and took up a bunch of code space. Even now with a basic application it sucks up soo much space.
| Image | Flash Used | Flash Allocated | RAM Used | RAM Allocated |
|---|
| MCUboot | 43 KB | 48 KB | 21 KB | 64 KB |
| TF-M (code) | 97 KB | 159 KB | 55 KB | 64 KB |
| TF-M (storage) | — | 80 KB | — | — |
| App (lion_basic) | 210 KB | 256 KB | 56 KB | 175 KB |
| TF-M + App | 307 KB | 415 KB | 111 KB | 239 KB |
MCUboot primary/secondary slots: 416 KB each (TF-M code + app swapped together). TF-M storage (ITS, PS, NV counters) is outside the swap slots. Total flash: 1 MB.
I’ll likely do a tinyDTLS comparison to see how much is saved. Seems more than sufficient for IoT use cases but yes, we do lose out on x.509.
I am happy about the addition of CONFIG_TFM_PARTITION_PROTECTED_STORAGE though. I thought it was a little weird to be storing credentials in clear text flash. It’s still not as ideal as a secure element though.
Working on a project that will hopefully be helpful to people in the space. 🙂 I’ll probably do some content on my findings as I go.
