 Hello and welcome to this presentation that details the parameters that affect the TFM flash memory footprint. This figure summarizes the software layers on which TFM relies, the utilities for middleware and CMSIS for the drivers. The TFM-based application examples provided by STM32QBU5 consist in four main software components, which can be configured according to user needs. TFM-SBS-FU-BOOT, Secure-BOOT and Secure-Firmware Update Application, TFM-LOADER, Application-LOADER based on the Y-modem protocol over USART, TFM-Apply-Secure, Secure-Application providing secure services to the non-secure user application at runtime, and TFM-Apply-Non-Secure, Non-Secure-User application. The following slides provide an estimation of the footprints for minimal and full configuration of each of these components. This slide lists the parameters that affect the TFM flash footprint. The footprint depends on the hardware configuration of internal or external flash, especially the page size and also the possible encryption of flash regions. The number of firmware images and the number of firmware slots used to update the images impact the footprint. The size is also affected by the SBS-FU crypto scheme configuration, asymmetric based on RSA or ECC. If an image loader is needed, it also consumes part of the flash. The type and number of secure services obviously impact the memory footprint. The code compactness also depends on the level of optimization provided by the compiler. In the following slides, metrics will be provided with the following settings. The size is aligned taking into account 8kb flash memory sector alignment constraints. The IDE is a Kyl toolchain mdkarm5.31.0 with option minus oz image size. This table indicates the size of the TFM SBS-FU boot program. The TFM SBS-FU boot application consists of the following sections in flash memory. BL2 NVC NT data area used to store firmware version information for the anti rollback feature. Scratch region used by TFM SBS-FU boot to temporarily store image data during the image swap process. The region is not used in override mode. Integrated personal data area used to store the SBS-FU application keys and the keys and information used by the TFM secure application. SBS-FU code, code managing the secure boot and the secure firmware update functions. HDP activation code, code that hides all SBS-FU code and secrets before launching the application. For more details about the footprint of each section, refer to the UM-2851 user's manual entitled Getting Started with STM32 Cube U5 TFM application. This table describes three examples as follows. Minimum configuration example, SBS-FU boot example delivered in the STM32 Cube U5 MCU package, TFM-SBS-FU boot example delivered in the STM32 Cube U5 MCU package. The differences between the SBS-FU and TFM examples are highlighted in bold. This table indicates the size of the TFM secure application. The secure application provides secure services that can be used by the non-secure application at runtime, configuration of the security architecture with the isolation of the different domains and with the secure API's mechanisms, providing secure services needed by the non-secure user application. The secure application binary is encapsulated in a firmware image, which contains some metadata that are used in the context of the secure boot or secure firmware update functions. The size of the secure application image is affected by the configuration. This table describes three examples, empty secure application template, limited TFM crypto services only, full TFM secure services. This table indicates the size of the TFM non-secure application. If internal flash memory is used, the size available for the non-secure application area depends on the configurations. This table describes the two examples provided in the STM32 Cube U5 MCU package, SBSFU example and full FTM example. This table indicates the size of the TFM loader. The TFM loader application enables the download of new firmware versions using the UART interface with the Ymodem protocol. The TFM loader application is optional. It can be fully removed if not needed. Integrators can configure it according to their product specifications and can customize it to support other hardware interfaces or to support other protocols. The size of the TFM loader application can be affected by the configuration. This table describes two examples, single image slot and two image slots. Thank you for attending this presentation. You can now refer to the other presentations that detail the operation of the TFM, TFM Offer in STM32 U5 and TFM Pointers.