diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
index 184e1ab645..870e335d11 100644
--- a/configs/config-psa-crypto.h
+++ b/configs/config-psa-crypto.h
@@ -696,6 +696,20 @@
  */
 #define MBEDTLS_PKCS1_V21
 
+/**
+ * \def MBEDTLS_PSA_CRYPTO_SPM
+ *
+ * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
+ * Partition Manager) integration which separates the code into two parts: a
+ * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
+ * Environment).
+ *
+ * Module:  library/psa_crypto.c
+ * Requires: MBEDTLS_PSA_CRYPTO_C
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_SPM
+
 /**
  * \def MBEDTLS_RSA_NO_CRT
  *
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 41c3f24585..620aff9991 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -492,6 +492,10 @@
 #error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(MBEDTLS_PSA_CRYPTO_C)
+#error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) ||         \
     !defined(MBEDTLS_OID_C) )
 #error "MBEDTLS_RSA_C defined, but not all prerequisites"
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index d3df9eeda1..385381f7cc 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1126,6 +1126,20 @@
  */
 #define MBEDTLS_PKCS1_V21
 
+/**
+ * \def MBEDTLS_PSA_CRYPTO_SPM
+ *
+ * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
+ * Partition Manager) integration which separates the code into two parts: a
+ * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
+ * Environment).
+ *
+ * Module:  library/psa_crypto.c
+ * Requires: MBEDTLS_PSA_CRYPTO_C
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_SPM
+
 /**
  * \def MBEDTLS_RSA_NO_CRT
  *
diff --git a/library/version_features.c b/library/version_features.c
index b77bf26587..9917ec03e1 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -414,6 +414,9 @@ static const char *features[] = {
 #if defined(MBEDTLS_PKCS1_V21)
     "MBEDTLS_PKCS1_V21",
 #endif /* MBEDTLS_PKCS1_V21 */
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+    "MBEDTLS_PSA_CRYPTO_SPM",
+#endif /* MBEDTLS_PSA_CRYPTO_SPM */
 #if defined(MBEDTLS_RSA_NO_CRT)
     "MBEDTLS_RSA_NO_CRT",
 #endif /* MBEDTLS_RSA_NO_CRT */
diff --git a/scripts/config.pl b/scripts/config.pl
index 3d2884cc9d..2e4ac3bb68 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -96,6 +96,7 @@ MBEDTLS_ZLIB_SUPPORT
 MBEDTLS_PKCS11_C
 MBEDTLS_NO_UDBL_DIVISION
 MBEDTLS_NO_64BIT_MULTIPLICATION
+MBEDTLS_PSA_CRYPTO_SPM
 _ALT\s*$
 );