Mistake on this page? Email us


Module scope

This module implements an abstraction layer for POSIX-like filesystem APIs, to allow Izuma Device Management Client to perform file I/O operations. The module provides storage capability on platforms that do not have secure storage feature available. It is used for storing credentials and firmware images on platforms using the filesystem to download firmware images as files.

Supported key functionality:

  • Folder operations: create and delete directory.
  • File operations: open, seek, read, write , close and delete (unlink).
  • Special operations:
    • Delete folder content: files only, non-recursive deletion (no folder iteration).
    • Nonrecursively copy all files in the folder to a different folder.
    • Format partition.

The pal_plat_fileSystem.h header declares the FileSystem functions.

Note: You need to implement all APIs in this module.

Prerequisites for this porting stage

  • An RTOS module (successfully ported).

  • Storage with at least one partition and a file system (on Linux, you can use gparted for partition management). One or more additional partitions may be used as backup. Note: Mbed OS supports only primary partitions. MBRBlockDevice includes a partition method that you can use for creating partitions.

  • The FileSystem module must receive at least one mount point.

  • The name of the primary and secondary mount points must be set in the PAL_FS_MOUNT_POINT_PRIMARY and PAL_FS_MOUNT_POINT_SECONDARY environment variables, respectively.

    Note: The primary and secondary mount points may be the same (for example, for single-partition systems).


The file system folder access assumes that folders are separated with the / character.


Key and Configuration Management data (KCM) files are in the ESFS folders ESFS_WORKING_DIRECTORY, in case of partition PAL_FS_MOUNT_POINT_PRIMARY, and ESFS_BACKUP_DIRECTORY, in case of partition PAL_FS_PARTITION_SECONDARY. You can override ESFS_WORKING_DIRECTORY and ESFS_BACKUP_DIRECTORY in the application configuration file. More specific details about KCM are available on the Izuma Device Management Factory Provisioning documentation site.

KCM over RAM mode

KCM over RAM mode offers an option for faster developer porting experience. To ease initial porting of Device Management Client to a new platform, compile it with the KCM over RAM variant.

To enable this developer feature, compile Device Management Client with the PAL_SIMULATOR_FILE_SYSTEM_OVER_RAM compilation flag. All credentials will be stored to RAM instead of non-volatile memory. If you reset the device with this feature enabled, all credentials will be wiped out of the memory.

Non-supported features in this mode are:

  • Update.
  • Entropy injection.
  • Platform Security Architecture (PSA).

Note: This mode is suitable for development only..

OS-specific notes


  • You do not need a special configuration; the FileSystem functionality uses the Linux stdio.h library.
  • The default format type is ext4. If you need a different format, set PAL_PARTITION_FORMAT_TYPE (in pal_plat_filesystem.c) to the desired type.

Mbed OS

Mbed OS storage configuration.

Dual partition porting

To enable dual partition, change the value of PAL_NUMBER_OF_PARTITIONS to 2.

You must override the FileSystem::get_default_instance()method, because it is for the whole blockdevice. The PAL mount point defines PAL_FS_MOUNT_POINT_PRIMARY and PAL_FS_MOUNT_POINT_SECONDARY must match with the mount points of the filesystem instances. The default value for PAL_FS_MOUNT_POINT_PRIMARY is "/default" and "/default2" for PAL_FS_MOUNT_POINT_SECONDARY. You can override the values in the mbed_app.json file.