Developer Guide

  • 10/27/2020
  • Public Content

Sub-Security Domain Life Cycle

In order to provision a Sub-Security Domain, the following new Security Domain related ACPs are supported:
Admin Command
Signed Command?
Install Security Domain
Signed by Intel only
Intel must sign on every S-SD.
Uninstall Security Domain
Signed by Intel or by the S-SD itself (S-SD can remove itself)
Intel can remove every S-SD from DAL. S-SD can remove only itself and cannot other S-SDs
These ACPs can be created using the Intel® DAL Pack Tool.
When only the pre-installed I-SD exists and Intel DAL is in an unprovisioned state, no OEM Intel DAL trusted applications can be executed on the platform.
The provisioning is done from the host OS by providing the Install Security Domain ACP of the OEM S-SD to Intel DAL. This can be done using the TEE Management library which supports generic ACP command dispatch. When the platform is provisioned, no Intel signed trusted applications are supported.
The unprovisioning is performed from the host OS by providing the Uninstall Security Domain ACP of the already installed OEM S-SD to Intel DAL. In the border case of a trusted application already running, it will not be terminated and will be allowed to complete its execution.
After the Security Domain is uninstalled and before a Security Domain is installed again, Intel DAL will not be able to install or execute any OEM trusted application.

Product and Performance Information


Performance varies by use, configuration and other factors. Learn more at