diff --git a/meta-digi-arm/conf/machine/ccmp13-dvk.conf b/meta-digi-arm/conf/machine/ccmp13-dvk.conf
index 88370bb26..a968f92dc 100644
--- a/meta-digi-arm/conf/machine/ccmp13-dvk.conf
+++ b/meta-digi-arm/conf/machine/ccmp13-dvk.conf
@@ -159,3 +159,7 @@ BOOTABLE_ARTIFACTS = " \
     arm-trusted-firmware/tf-a-ccmp13-dvk-nand.stm32 \
     fip/fip-ccmp13-dvk-optee.bin \
 "
+
+# TRUSTFENCE basic support
+# Alternatively, uncommment to enable the console with the specified GPIO
+# TRUSTFENCE_CONSOLE_GPIO_ENABLE_NAME ?= "GPIOB6"
diff --git a/meta-digi-arm/conf/machine/ccmp15-dvk.conf b/meta-digi-arm/conf/machine/ccmp15-dvk.conf
index 86b8ad1c7..c7cb3ffa6 100644
--- a/meta-digi-arm/conf/machine/ccmp15-dvk.conf
+++ b/meta-digi-arm/conf/machine/ccmp15-dvk.conf
@@ -172,3 +172,7 @@ BOOT_DEV_NAME ?= "linux"
 ROOTFS_DEV_NAME ?= "rootfs"
 ROOTFS_ENC_DEV = "${ROOTFS_DEV_NAME}"
 ROOTFS_DEV_NAME_FINAL = "${@oe.utils.ifelse(d.getVar('TRUSTFENCE_ENCRYPT_ROOTFS') == '1', '${ROOTFS_ENC_DEV}', '${ROOTFS_DEV_NAME}')}"
+
+# TRUSTFENCE basic support
+# Alternatively, uncommment to enable the console with the specified GPIO
+# TRUSTFENCE_CONSOLE_GPIO_ENABLE_NAME ?= "GPIOA5"
diff --git a/meta-digi-arm/conf/machine/include/ccmp1.inc b/meta-digi-arm/conf/machine/include/ccmp1.inc
index 38d8d4b09..7a96ef851 100644
--- a/meta-digi-arm/conf/machine/include/ccmp1.inc
+++ b/meta-digi-arm/conf/machine/include/ccmp1.inc
@@ -47,3 +47,9 @@ IMAGE_FSTYPES:remove = "ext4 tar.xz"
 
 # List of supported boot devices
 BOOTDEVICE_LABELS ?= "sdcard"
+
+# Default secure console configuration
+TRUSTFENCE_CONSOLE_DISABLE ?= "0"
+
+# Alternatively, uncommment to enable the console autoboot stop passphrase
+# TRUSTFENCE_CONSOLE_PASSPHRASE_ENABLE = ""
diff --git a/meta-digi-dey/classes/trustfence.bbclass b/meta-digi-dey/classes/trustfence.bbclass
index 7cce60c06..e67f2274e 100644
--- a/meta-digi-dey/classes/trustfence.bbclass
+++ b/meta-digi-dey/classes/trustfence.bbclass
@@ -47,9 +47,15 @@ python () {
         d.appendVar("UBOOT_TF_CONF", "CONFIG_CONSOLE_DISABLE=y ")
         if d.getVar("TRUSTFENCE_CONSOLE_PASSPHRASE_ENABLE"):
             passphrase_hash = hashlib.sha256(d.getVar("TRUSTFENCE_CONSOLE_PASSPHRASE_ENABLE").encode()).hexdigest()
-            d.appendVar("UBOOT_TF_CONF", 'CONFIG_CONSOLE_ENABLE_PASSPHRASE=y CONFIG_CONSOLE_ENABLE_PASSPHRASE_KEY="%s" ' % passphrase_hash)
+            if (d.getVar("DEY_SOC_VENDOR") == "NXP"):
+                d.appendVar("UBOOT_TF_CONF", 'CONFIG_CONSOLE_ENABLE_PASSPHRASE=y CONFIG_CONSOLE_ENABLE_PASSPHRASE_KEY="%s" ' % passphrase_hash)
+            elif (d.getVar("DEY_SOC_VENDOR") == "STM"):
+                d.appendVar("UBOOT_TF_CONF", 'CONFIG_AUTOBOOT_KEYED=y CONFIG_AUTOBOOT_ENCRYPTION=y CONFIG_AUTOBOOT_STOP_STR_ENABLE=y CONFIG_AUTOBOOT_STOP_STR_SHA256="%s" ' % passphrase_hash)
         elif d.getVar("TRUSTFENCE_CONSOLE_GPIO_ENABLE"):
-            d.appendVar("UBOOT_TF_CONF", "CONFIG_CONSOLE_ENABLE_GPIO=y CONFIG_CONSOLE_ENABLE_GPIO_NR=%s " % d.getVar("TRUSTFENCE_CONSOLE_GPIO_ENABLE"))
+            if (d.getVar("DEY_SOC_VENDOR") == "NXP"):
+                d.appendVar("UBOOT_TF_CONF", "CONFIG_CONSOLE_ENABLE_GPIO=y CONFIG_CONSOLE_ENABLE_GPIO_NR=%s " % d.getVar("TRUSTFENCE_CONSOLE_GPIO_ENABLE"))
+            elif (d.getVar("DEY_SOC_VENDOR") == "STM"):
+                d.appendVar("UBOOT_TF_CONF", "CONFIG_CONSOLE_ENABLE_GPIO=y CONFIG_CONSOLE_ENABLE_GPIO_NAME=%s " % d.getVar("TRUSTFENCE_CONSOLE_GPIO_ENABLE_NAME"))
 
     # Secure boot configuration
     if (d.getVar("TRUSTFENCE_SIGN_KEYS_PATH") == "default"):