diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0011-Corstone-1000-Enable-different-DRBG-configurations.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0011-Corstone-1000-Enable-different-DRBG-configurations.patch
new file mode 100644
index 00000000..4fe40b58
--- /dev/null
+++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0011-Corstone-1000-Enable-different-DRBG-configurations.patch
@@ -0,0 +1,40 @@
+From d60a6b4edda3465d86ec264b2cbfd7d14109ed5f Mon Sep 17 00:00:00 2001
+From: Devaraj Ranganna
+Date: Thu, 18 Sep 2025 22:07:38 +0100
+Subject: [PATCH 2/2] Corstone-1000: Enable different DRBG configurations
+
+The following DRBG configurations are enabled:
+
+* `CC3XX_CONFIG_DRBG_CTR_ENABLE`
+* `CC3XX_CONFIG_DRBG_HMAC_ENABLE`
+* `CC3XX_CONFIG_DRBG_HASH_ENABLE`
+
+The choice of DRBG is defined by `CC3XX_CONFIG_ENABLE_RANDOM_CTR_DRBG`.
+
+Upstream-Status: Pending [Not submitted to upstream yet]
+Signed-off-by: Devaraj Ranganna
+---
+ platform/ext/target/arm/corstone1000/cc3xx_config.h | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/platform/ext/target/arm/corstone1000/cc3xx_config.h b/platform/ext/target/arm/corstone1000/cc3xx_config.h
+index c5654a6bdb..199a99e1ca 100644
+--- a/platform/ext/target/arm/corstone1000/cc3xx_config.h
++++ b/platform/ext/target/arm/corstone1000/cc3xx_config.h
+@@ -87,6 +87,13 @@
+ #error "cc3xx_config: RNG config must select a single DRBG"
+ #endif /* CC3XX_CONFIG_RNG_DRBG_HMAC + CC3XX_CONFIG_RNG_DRBG_CTR + CC3XX_CONFIG_RNG_DRBG_HASH */
+
++/* Whether the CTR_DRBG is enabled through the generic interface */
++#define CC3XX_CONFIG_DRBG_CTR_ENABLE
++/* Whether the HMAC_DRBG is enabled through the generic interface */
++#define CC3XX_CONFIG_DRBG_HMAC_ENABLE
++/* Whether the HASH_DRBG is enabled through the generic interface */
++#define CC3XX_CONFIG_DRBG_HASH_ENABLE
++
+ /* Whether an external TRNG should be used in place of the standard CC3XX TRNG */
+ /* #define CC3XX_CONFIG_RNG_EXTERNAL_TRNG */
+
+--
+2.43.0
+
diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0012-bl2-corstone-1000-Remove-psa_adac_to_tfm_apply_permi.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0012-bl2-corstone-1000-Remove-psa_adac_to_tfm_apply_permi.patch
new file mode 100644
index 00000000..2971958d
--- /dev/null
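Review bot: The three added `#define`s in cc3xx_config.h switch on the CTR, HMAC and HASH DRBGs together, directly below an `#error` check that requires the RNG configuration to select a single DRBG, and the new comments do not say how the two sets of options relate. The commit message names `CC3XX_CONFIG_ENABLE_RANDOM_CTR_DRBG` as the selector, but that macro does not appear in the visible lines, so a reader of the header cannot tell which generator the platform actually draws from. I would state that in the comment, for example `/* Builds this DRBG into the generic interface; the RNG's own DRBG is still the single CC3XX_CONFIG_RNG_DRBG_* option checked above */`, if that is the intended meaning. If only one DRBG is used on Corstone-1000, enabling just that one would keep unused crypto code out of the firmware image.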
+++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0012-bl2-corstone-1000-Remove-psa_adac_to_tfm_apply_permi.patch
@@ -0,0 +1,51 @@
+From 2165f9db2257905d20722a2b87ceb53f320fc198 Mon Sep 17 00:00:00 2001
+From: Devaraj Ranganna
+Date: Mon, 22 Sep 2025 12:48:57 +0100
+Subject: [PATCH 1/2] bl2: corstone-1000: Remove
+ `psa_adac_to_tfm_apply_permissions`
+
+The API `psa_adac_to_tfm_apply_permissions` is added to `psa-adac`
+library. Therefore, remove it from
+`platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c`.
+
+Upstream-Status: Pending [Not submitted to upstream yet]
+Signed-off-by: Devaraj Ranganna
+---
+ .../arm/corstone1000/bl2/boot_hal_bl2.c | 21 -------------------
+ 1 file changed, 21 deletions(-)
+
+diff --git a/platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c b/platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c
+index 2abcfb5fd3..8c4eb80d03 100644
+--- a/platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c
++++ b/platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c
+@@ -111,27 +111,6 @@ static bool fill_flash_map_with_fip_data(uint8_t boot_index) {
+ #endif /* !TFM_S_REG_TEST */
+
+ #ifdef PLATFORM_PSA_ADAC_SECURE_DEBUG
+-int psa_adac_to_tfm_apply_permissions(uint8_t permissions_mask[16])
+-{
+- (void)permissions_mask;
+-
+- int ret;
+- uint32_t dcu_reg_values[4];
+-
+- /* Below values provide same access as when platform is in development
+- life cycle state */
+- dcu_reg_values[0] = 0xffffe7fc;
+- dcu_reg_values[1] = 0x800703ff;
+- dcu_reg_values[2] = 0xffffffff;
+- dcu_reg_values[3] = 0xffffffff;
+-
+- ret = crypto_hw_apply_debug_permissions((uint8_t*)dcu_reg_values, 16);
+- BOOT_LOG_INF("%s: debug permission apply %s\n\r", __func__,
+- (ret == 0) ? "success" : "fail");
+-
+- return ret;
+-}
+-
+ uint8_t secure_debug_rotpk[32];
+ #endif /* PLATFORM_PSA_ADAC_SECURE_DEBUG */
+
+--
+2.43.0
+
diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0013-bl2-corstone-1000-secure-debug-waiting-in-CM-LCS.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0013-bl2-corstone-1000-secure-debug-waiting-in-CM-LCS.patch
new file mode 100644
index 00000000..11085f66
--- /dev/null
+++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/0013-bl2-corstone-1000-secure-debug-waiting-in-CM-LCS.patch
@@ -0,0 +1,56 @@
+From fddaf5d297f56305b50b672477cabb840d6f426b Mon Sep 17 00:00:00 2001
+From: Devaraj Ranganna
+Date: Mon, 22 Sep 2025 12:59:43 +0100
+Subject: [PATCH 2/2] bl2: corstone-1000: secure debug waiting in CM LCS
+
+Currently, when the device is in Secure Enable (SE) LCS state, setting
+`dcu_en` register causes CC-312 reset, which effectively resets the
+device as they are both on same power domain. Therefore, temporarily
+disable moving SE enable before waiting for secure debug notification.
+The device will be in CM provisioned state.
+
+Long-term solution is to implement a solution similar to RSE, secure
+debug handshake is completed and then a reset is triggered and `dcu_en`
+is applied during bl2.
+
+Upstream-Status: Inappropriate [Need to be redesigned]
+Signed-off-by: Devaraj Ranganna
+---
+ .../ext/target/arm/corstone1000/bl2/boot_hal_bl2.c | 13 ++++++++++++-
+ 1 file changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c b/platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c
+index 8c4eb80d03..bf7b62881a 100644
+--- a/platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c
++++ b/platform/ext/target/arm/corstone1000/bl2/boot_hal_bl2.c
+@@ -165,7 +165,18 @@ int32_t boot_platform_post_init(void)
+ }
+
+ #ifdef PLATFORM_PSA_ADAC_SECURE_DEBUG
++ /* TODO: Currently, when the device is in Secure Enable (SE) LCS state,
++ setting `dcu_en` register causes CC-312 reset, which effectively resets
++ the device as they are both on same power domain. Therefore, temporarily
++ disable moving SE enable before waiting for secure debug notification.
++ The device will be in CM provisioned state.
++
++ Long-term solution is to implement a solution similar to RSE, secure
++ debug handshake is completed and then a reset is triggered and `dcu_en`
++ is applied during bl2.
++
+ if (!tfm_plat_provisioning_is_required()) {
++ */
+
+ plat_err = tfm_plat_otp_read(PLAT_OTP_ID_SECURE_DEBUG_PK, 32, secure_debug_rotpk);
+ if (plat_err != TFM_PLAT_ERR_SUCCESS) {
+@@ -176,7 +187,7 @@ int32_t boot_platform_post_init(void)
+ BOOT_LOG_INF("%s: Corstone-1000 Secure Debug is a %s.\r\n", __func__,
+ (result == 0) ? "success" : "failure");
+
+- }
++ /*}*/
+ #endif
+
+ return 0;
+--
+2.43.0
+
diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/psa-adac/0002-ADAC-Link-psa_interface-instead-of-tfm_sprt.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/psa-adac/0002-ADAC-Link-psa_interface-instead-of-tfm_sprt.patch
deleted file mode 100644
index b82e417c..00000000
--- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/psa-adac/0002-ADAC-Link-psa_interface-instead-of-tfm_sprt.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From af71103845498eef4f859deba4b904a195f2817f Mon Sep 17 00:00:00 2001
-From: Bence Balogh
-Date: Mon, 22 Jul 2024 17:33:23 +0200
-Subject: [PATCH] ADAC: Link psa_interface instead of tfm_sprt
-
-The tfm_sprt brings in other functionalities that are not needed for
-the Secure Debug.
-
-The printf() override in tfm_sp_log_raw.c can cause problems because
-it calls tfm_hal_output_sp_log() which triggers an SVC. The SVC calls
-tfm_hal_output_spm_log which relies on an SPM, which might not be
-initialized at that point.
-
-Signed-off-by: Bence Balogh
-Upstream-Status: Backport [af0acd1af3e2cc81b12931b31367fb95e49e8272]
----
- psa_crypto/CMakeLists.txt | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/psa_crypto/CMakeLists.txt b/psa_crypto/CMakeLists.txt
-index 3e70624..58d95f7 100644
---- a/psa_crypto/CMakeLists.txt
-+++ b/psa_crypto/CMakeLists.txt
-@@ -18,7 +18,7 @@ target_sources(psa_adac_psa_crypto
- target_link_libraries(psa_adac_psa_crypto
- PRIVATE
- psa_adac_config
-- tfm_sprt
-+ psa_interface
- )
-
- target_link_libraries(trusted-firmware-m-psa-adac
---
-2.25.1
-
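Review bot: Commenting out `if (!tfm_plat_provisioning_is_required())` in boot_platform_post_init makes the `tfm_plat_otp_read(PLAT_OTP_ID_SECURE_DEBUG_PK, ...)` call and the secure-debug step after it run on every boot of a `PLATFORM_PSA_ADAC_SECURE_DEBUG` build, including while provisioning is still required, when the key in OTP may not have been written yet. The hunk also gives no way to tell a build with this workaround from one without it: the guard and its closing brace are left behind as commented-out code (`/*}*/`) and nothing is logged. Since the patch is marked `Upstream-Status: Inappropriate`, I would keep the original guard and select the workaround with a preprocessor option that is off by default (placeholder name `<CM_LCS_SECURE_DEBUG_WORKAROUND>`), and add a `BOOT_LOG_INF` line stating that secure debug is being handled before the lifecycle state has moved to SE. The code between the two hunks and the rest of the function are not visible here, so whether an unwritten key is rejected later cannot be judged from this page.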
diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/psa-adac/0003-Fix-psa_key_handle_t-initialization.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/psa-adac/0002-Fix-psa_key_handle_t-initialization.patch
similarity index 100%
rename from meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/psa-adac/0003-Fix-psa_key_handle_t-initialization.patch
rename to meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/psa-adac/0002-Fix-psa_key_handle_t-initialization.patch
diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/psa-adac/0003-cmake-Update-psa_adac_psa_crypto-dependencies.patch b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/psa-adac/0003-cmake-Update-psa_adac_psa_crypto-dependencies.patch
new file mode 100644
index 00000000..393a4be6
--- /dev/null
+++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/files/corstone1000/psa-adac/0003-cmake-Update-psa_adac_psa_crypto-dependencies.patch
@@ -0,0 +1,30 @@
+From 3c552d0b46559160581e89bf310db0b176e33074 Mon Sep 17 00:00:00 2001
+From: Devaraj Ranganna
+Date: Thu, 18 Sep 2025 17:45:20 +0100
+Subject: [PATCH] cmake: Update `psa_adac_psa_crypto` dependencies
+
+The auto-generated header files are part of `psa_adac_core` library.
+Therefore, link `psa_adac_psa_crypto` library with `psa_adac_core`
+library.
+
+Upstream-Status: Pending [Not submitted to upstream yet]
+Signed-off-by: Devaraj Ranganna
+---
+ psa_crypto/CMakeLists.txt | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/psa_crypto/CMakeLists.txt b/psa_crypto/CMakeLists.txt
+index b1c3f5d..efc284d 100644
+--- a/psa_crypto/CMakeLists.txt
++++ b/psa_crypto/CMakeLists.txt
+@@ -20,6 +20,7 @@ target_link_libraries(psa_adac_psa_crypto
+ psa_adac_config
+ $<$:tfm_sprt>
+ psa_interface
++ psa_adac_core
+ )
+
+ target_link_libraries(trusted-firmware-m-psa-adac
+--
+2.43.0
+
diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc index 90284d81..2b44f168 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-m/trusted-firmware-m-corstone1000.inc @@ -27,6 +27,8 @@ EXTRA_OECMAKE:append:corstone1000-mps3 = " -DPLATFORM_PSA_ADAC_SECURE_DEBUG=${@b EXTRA_OECMAKE:append:corstone1000-mps3 = " -DPLATFORM_PSA_ADAC_SOURCE_PATH=${UNPACKDIR}/tfm-psa-adac -DPLATFORM_PSA_ADAC_BUILD_PATH=${B}/tfm-psa-adac-build" FILESEXTRAPATHS:prepend := "${THISDIR}/files:" + +SRCREV_tfm-psa-adac:corstone1000 = "f2809ae231be33a1afcd7714f40756c67d846c88" SRC_URI:append:corstone1000 = " \ file://0001-arm-trusted-firmware-m-disable-address-warnings-into.patch \ file://0002-Platform-CS1000-Remove-unused-BL1-files.patch \ @@ -37,13 +39,16 @@ SRC_URI:append:corstone1000 = " \ file://0007-Platform-Corstone1000-Increase-buffer-sizes.patch \ file://0008-Platform-Corstone1000-Remove-duplicate-configuration.patch \ file://0010-plat-corstone1000-Add-support-for-Cortex-A320-varian.patch \ + file://0011-Corstone-1000-Enable-different-DRBG-configurations.patch \ + file://0012-bl2-corstone-1000-Remove-psa_adac_to_tfm_apply_permi.patch \ + file://0013-bl2-corstone-1000-secure-debug-waiting-in-CM-LCS.patch \ " FILESEXTRAPATHS:prepend:corstone1000-mps3 := "${THISDIR}/files/corstone1000/psa-adac:" SRC_URI:append:corstone1000-mps3 = " \ file://0001-PSA-revert-header-versions.patch;patchdir=../tfm-psa-adac \ - file://0002-ADAC-Link-psa_interface-instead-of-tfm_sprt.patch;patchdir=../tfm-psa-adac \ - file://0003-Fix-psa_key_handle_t-initialization.patch;patchdir=../tfm-psa-adac \ + file://0002-Fix-psa_key_handle_t-initialization.patch;patchdir=../tfm-psa-adac \ + file://0003-cmake-Update-psa_adac_psa_crypto-dependencies.patch;patchdir=../tfm-psa-adac \ " create_bl1_image(){