(a draft of) Non-secure Client Awareness in TF-M

This paper presents a novel mechanism implemented in the SW to identify and authorize secure service call from the NW. While the current solution needs changes of the non-secure software (typically an RTOS), our solution exploits available hardware (i.e., the memory protection unit or MPU) to handle clients identification and authorization in a transparent way to non-secure software.