[Figure: diagram, labels only. Components: Trusted Service 1, Trusted Service 2, SPM, u-boot/EDK2, Operating system, User-space application, FF-A Manifest, Debug-log, Peripheral, IFC2. Boundaries: TB1 to TB5. Flows: DF1 to DF13. Hardware categories: Dedicated, Physically protected HW; Dedicated, Not physically protected HW; Non dedicated, Physically protected HW; Non dedicated, Not physically protected HW. Color code: Isolated components; Exposed to physical access; Isolated but shared; Out-of-scope, must be trusted; Non-isolated.]