Visible to Intel only — GUID: GUID-188DC3EB-5ACA-4A0B-9A71-EA8820319D16
For API Level 1 - Intel® ME 7.x - Sandy Bridge
For API Level 1.1 - Intel® ME 8.x lite - Sandy Bridge
For API Level 2 - Intel® ME 8.0 - Ivy Bridge
For API Level 3 - Intel® ME 8.1 - Ivy Bridge
For API Level 3 - SEC1.0, SEC1.1, SEC1.2, SEC2.0
For API Level 4 - Intel® ME 9.5, Intel ME 9.5.55 - Haswell
For API Level 4 - Intel® ME 9.1, Intel ME 9.1.35 - Haswell
For API Level 5 - Intel® ME 10.0.0 - Haswell
For API Level 6 - Intel® ME 10.0.20 - Broadwell
For API Level 7 - ME 11.0 - Skylake_LP and Skylake_H
For API Level 8 - TXE3.0 - Broxton, ME 11.5/11.8 - Kabylake_LP, Kabylake_H
For API Level 9 - Intel® ME 12.0 - Cannon Lake
Trusted Application Validation Guidelines
Validating the Manifest
Memory and Performance
Error Handling and Recovery
Functional Validation and Multi-Instance Support
Pack and DALP Generation and Validation
Host-Side Software Validation Guidelines
Trusted Application Management Flows
Error Handling and Recovery Flows
Multi-Instance and Interoperability Testing of Trusted Application Management
General and Platform-Related Events
End-to-End and Setup Validation Guidelines
Cross Trusted Application Interoperability Functional Testing
Creating a New Project
Importing an Existing Project
Converting an Existing Project
Building and Packaging Your Project and Running in Emulated Environment
Running Your Project
Running and Testing on Emulation and on Silicon
Debugging Trusted Applications
Preparing and Submitting Your Project for Signing
Signing an Applet
Signing New Versions
Visible to Intel only — GUID: GUID-188DC3EB-5ACA-4A0B-9A71-EA8820319D16
General and Platform-Related Events
Some key lessons were learned from the validation of the first applications that used Intel® DAL infrastructure and which aren't related specifically to the infrastructure:
- Permissions - check with which permissions you are running and testing your host-side application. Covering different user modes is important for ensuring correct behavior in real user setups
- Process vs. Thread - Running as a process or in a thread inside a multi-threaded application might impact mainly trusted application management, but recovery flows are impacted by using different models (e.g. Intel DAL Host Interface Service maps between processes and trusted application sessions, so using threads might mean that your session will not be cleaned and you'll be stuck with a ghost session).
- How the software is being installed - How will your software and trusted application reach the platform? Is it part of the Intel® Management Interface (Intel® MEI) kit? Those will have an impact on the installation testing and setup coverage plan.
- Intel DAL status, Intel® Identify Protection Technology (Intel® IPT) enabled, service status, etc. - Some platforms can come with Intel DAL disabled or be non-compliant with Intel IPT. All of those aspects should be tested, and an informative message should be presented to the user in cases which are relevant.
- Platform Support - Some of the hardware/firmware features might not be enabled on the platform. For example, we can have a platform with a CPU that has no internal graphics or SKU that doesn't support internal graphics (SKU limitation by the PCH) or just have an external graphics card without switchable graphics support - All of those will impact WYSIWYS (Intel IPT codename True Cove) support and, in that case, you should understand how your application will handle this case and notify the user accordingly. You must understand your dependencies in hardware/firmware/software setups and how your application should and will behave if some components are missing or not supported.