doc: Apply suggestions from code review

Apply suggestions from code review Signed-off-by: Seppo Takalo <[email protected]> Co-authored-by: Mel Weed <[email protected]> Co-authored-by: Pekka Niskanen <[email protected]>
nrfconnect · Jan 27, 2025 · dc5176a · dc5176a
1 parent e06cb9f
commit dc5176a
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 6 deletions.
diff --git a/doc/nrf/releases_and_maturity/migration/migration_guide_spm_to_tf-m.rst b/doc/nrf/releases_and_maturity/migration/migration_guide_spm_to_tf-m.rst
@@ -4,9 +4,9 @@ Migrating from Secure Partition Manager to Trusted Firmware-M
 #############################################################
 
 The Nordic Secure Partition Manager (SPM) was replaced with Trusted Firmware-M (TF-M) as the default trusted execution solution in the |NCS| v2.1.0.
-This change was made to enhance the security features of the SDK by integrating the more widely adopted TF-M that aligns with the Arm Platform Security Architecture (PSA).
+This change enhances the security features of the SDK by integrating the more widely adopted TF-M that aligns with the Arm Platform Security Architecture (PSA).
 
-The migration from SPM to TF-M requires changes in the application code and the partition configuration.
+Migration from SPM to TF-M requires changes in the application code and the partition configuration.
 The interface to TF-M is different from the interface to SPM.
 Due to that, the application code that uses the SPM Secure Services needs to be ported to use TF-M instead.
 

diff --git a/doc/nrf/security/tfm.rst b/doc/nrf/security/tfm.rst
@@ -333,7 +333,7 @@ For more information about the general features of the TF-M Platform partition,
 Internal Trusted Storage partition
 ----------------------------------
 
-To enable Internal Trusted Storage (ITS) partition, set the :kconfig:option:`CONFIG_TFM_PARTITION_INTERNAL_TRUSTED_STORAGE` Kconfig option.
+To enable the Internal Trusted Storage (ITS) partition, set the :kconfig:option:`CONFIG_TFM_PARTITION_INTERNAL_TRUSTED_STORAGE` Kconfig option.
 It implements the PSA Internal Trusted Storage APIs (`PSA Certified Secure Storage API 1.0`_) to achieve confidentiality, authenticity and encryption in rest (optional).
 ITS is meant to be used by the other TF-M partitions.
 It must not be accessed directly by the non-secure application.
@@ -361,7 +361,7 @@ As long as each file has a unique file ID, the key used for encryption and authe
 
 To strengthen data integrity, the metadata of the ITS file (creation flags/size) is used as authenticated data in the encryption process.
 
-The nonce for the AEAD operation is generated by concatenating a random 8-byte seed and an increasing the 4-byte counter.
+The nonce for the AEAD operation is generated by concatenating a random 8-byte seed and a increasing 4-byte counter.
 The random seed is generated once in the boot process and stays the same until reset.
 
 .. _tfm_partition_its_sizing:
@@ -670,7 +670,8 @@ It implements the PSA Initial Attestation APIs (`PSA Certified Attestation API 1
 It allows the device to prove its identity to a remote entity.
 The :ref:`tfm_psa_template` sample demonstrates how to use the Initial Attestation partition.
 
-The Initial Attestation partition is not enabled by default. Unless you need attestation, it is recommended to keep it disabled.
+The Initial Attestation partition is not enabled by default.
+Keep it disabled unless you need attestation.
 
 For more information about the general features of the TF-M Initial Attestation partition, see `TF-M Attestation`_.
 
@@ -687,7 +688,7 @@ The device starts in the **Device Assembly and Test** state.
 The :ref:`provisioning_image` sample shows how to switch the device from the **Device Assembly and Test** state to the **PRoT Provisioning** state, and how to provision the device with hardware unique keys (HUKs) and an identity key.
 
 To switch the device from the **PRoT Provisioning** state to the **Secured** state, set the :kconfig:option:`CONFIG_TFM_NRF_PROVISIONING` Kconfig option for your application.
-In the first boot, TF-M ensures that the keys are stored in the Key Management Unit (KMU) and switches the device to the **Secured** state.
+On the first boot, TF-M ensures that the keys are stored in the Key Management Unit (KMU) and switches the device to the **Secured** state.
 The :ref:`tfm_psa_template` sample shows how to achieve this.
 
 .. _ug_tfm_manual_VCOM_connection: