
TrustZone

ARM TrustZone® technology is a system-wide approach to security for a wide array of client and server computing platforms, including handsets, tablets, wearable devices and enterprise systems. Applications enabled by the technology are extremely varied but include payment protection technology, digital rights management, BYOD, and a host of secured enterprise solutions.

TrustZone technology is tightly integrated into Cortex™-A processors, but the Secure state is also extended throughout the system via the AMBA® AXI™ bus and specific TrustZone System IP blocks. This system approach makes it possible to secure peripherals such as secure memory, crypto blocks, keyboard and screen, so that they can be protected from software attack.

Devices developed with TrustZone technology, following the recommendations of the Trusted Base System Architecture specification, enable the delivery of platforms capable of supporting a full Trusted Execution Environment (TEE) together with security-aware applications and secure services, or Trusted Applications (TAs). A Trusted Execution Environment is a small secure kernel, normally developed with standard APIs, written to the TEE specification evolved by the GlobalPlatform industry forum.

TrustZone enables the development of a separate Rich Operating System and Trusted Execution Environment by adding two operating modes alongside the Normal domain: the Secure domain and Monitor mode. The Secure domain has the same capabilities as the Normal domain but operates in a separate memory space. The Secure Monitor acts as a virtual gatekeeper controlling migration between the domains.

Mobile devices have evolved into open software platforms capable of downloading a huge variety of applications from the internet. These applications are validated by the device OEM to ensure quality; however, malicious code is increasingly being created to target this class of device.

In parallel, the demand for mobile devices to handle high-value services is gaining significant momentum. New business models are emerging, from the ability to pay for, download and view the latest Hollywood blockbuster for a specific period, to the ability to pay bills and manage bank accounts remotely from a handset.

These trends have already made mobile devices the next frontier for software attack vectors such as malware, trojans and rootkits. However, through the application of advanced security technology based on ARM TrustZone technology, and by integrating SecurCore™ tamper-resistant elements, it is possible to develop devices that offer both a feature-rich open operating environment and robust security solutions.

Application Examples

  • Secured PIN entry for enhanced user authentication in mobile payments & banking
  • Protection against trojans, phishing and APT (Advanced Persistent Threats)
  • Enable deployment and consumption of high-value media (DRM)
  • BYOD (Bring Your Own Device) persona and application separation
  • Software license management
  • Loyalty-based applications
  • Access control of cloud-based documents
  • e-Ticketing
  • Mobile TV

ARM processors supporting TrustZone include:


TrustZone Hardware Architecture

The TrustZone hardware architecture aims to provide a security framework that enables a device to counter many of the specific threats that it will experience. Instead of providing a fixed one-size-fits-all security solution, TrustZone technology provides the infrastructure foundations that allow a SoC designer to choose from a range of components that can fulfill specific functions within the security environment.

The primary security objective of the architecture is to enable the construction of a programmable environment that allows the confidentiality and integrity of assets to be protected from specific attacks. A platform with these characteristics is suited to building a wide-ranging set of security solutions that would not be cost-effective with traditional methods. 

TrustZone enables a single physical processor core to execute code safely and efficiently from both the Normal world and the Secure world. This removes the need for a dedicated security processor core, saving silicon area and power, and allowing high performance security software to run alongside the Normal world operating environment.

The two virtual processors are context switched through a new processor mode, called monitor mode, whenever the currently running virtual processor changes.

The mechanisms by which the physical processor can enter monitor mode from the Normal world are tightly controlled, and are all viewed as exceptions by the monitor mode software. Entry to monitor mode can be triggered by software executing a dedicated instruction, the Secure Monitor Call (SMC) instruction, or by a subset of the hardware exception mechanisms: the IRQ, FIQ, external Data Abort and external Prefetch Abort exceptions can each be configured to cause the processor to switch into monitor mode.

The software that executes within monitor mode is implementation defined, but it generally saves the state of the current world and restores the state of the world to which it is switching. It then performs a return-from-exception to restart processing in the restored world. Examples of how to implement the Secure Monitor call are available here.

Broad SoC security is achieved via the security state that TrustZone-aware processors propagate into the AMBA3 AXI™ bus fabric, ensuring that Normal world components cannot access Secure world resources and constructing a strong perimeter boundary between the two. A design that places the sensitive resources in the Secure world, and implements robust software running on the secure processor cores, can protect assets against many possible attacks, including those which are normally difficult to secure, such as passwords entered using a keyboard or touch-screen. By separating security-sensitive peripherals through hardware, a designer can limit the number of sub-systems that need to go through security evaluation and therefore save costs when submitting a device for security certification.

The final aspect of the TrustZone hardware architecture is a security-aware debug infrastructure that can enable control over access to secure world debug, without impairing debug visibility of the Normal world.


TrustZone Software Architecture

Secure Software Architecture

There are many possible software architectures which a Secure world may wish to implement. The most advanced is a dedicated Secure world operating system; the simplest is a synchronous library of code placed in the Secure world. There are many intermediate options between these two extremes.

Secure Kernel

A dedicated secure kernel is potentially a complex yet powerful design. It can simulate concurrent execution of multiple independent Secure world applications, run-time download of new security applications, and Secure world tasks that are completely independent of the Normal world environment.

These designs closely resemble the software stacks that would be seen in a SoC with two separate physical processors in an Asymmetric Multi-Processing (AMP) configuration. The software running on each virtual processor is a standalone operating system, and each world uses hardware interrupts to pre-empt the currently running world and acquire processor time.

A tightly integrated design, which uses a communications protocol that associates Secure world tasks with the Normal world thread that requested them, can provide many of the benefits of a Symmetric Multi-Processing (SMP) design. In these designs a Secure world application could, for example, inherit the priority of the Normal world task that it is assisting. This would enable some form of soft real-time response for media applications.

The Security Extensions are an open component of the ARM architecture, so any developer can create a custom Secure world software environment to meet their requirements.

Due to the inherent complexity of implementing a full Secure OS, and the potential need to certify its capabilities and performance, ARM recommends Trusted OS solutions from Trusted OS suppliers that are members of GlobalPlatform and are working towards standardizing TEE APIs and libraries.

GlobalPlatform API Support

ARM works closely with a wide array of partners, industry forums and committees to drive standards that accelerate the adoption of key technologies. For standards around security and certification, and the formalization of TEE APIs, ARM is partnering with GlobalPlatform. For more information on developing a TEE in accordance with the GlobalPlatform specification, please visit GlobalPlatform or contact the ARM support team.


TrustZone System Examples

There are limitless ways of implementing a TrustZone-enabled device, but they break down into three major groups, or tiers of solutions, based upon the target application and the engineering trade-off between performance, power and cost.

Basic System Architecture

Basic System (Tier One) Architecture Block Diagram

The basic secure system architecture represents a baseline solution intended to secure the keypad and screen so that personal identification numbers (PINs) can be entered on an open software platform device. In Non-secure mode the keyboard and screen operate as usual under the control of a Rich OS, such as Android. However, when an application requests a payment, these peripherals are placed under the control of the Secure Kernel.

To keep this type of solution as low cost as possible, only the addition of the TrustZone Memory Adaptor fabric component is required, to secure a contiguous block of on-chip SRAM. The Master Key and SIM interface blocks are secured by tying their AXI2AHB bridge to the Secure state. Similarly, the bridge for the Keyboard Master Interface and LEC Controller can be dynamically controlled by the processor, setting the entire region to either Secure or Non-secure mode.
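The access decisions described above (the NS attribute propagated on the bus being checked against statically secured memory and dynamically switched peripherals) can be modelled in a few lines. The following is an added illustration, not code from this page or from ARM; the region layout, peripheral names and the PIN-entry sequence are constructed assumptions, and the model is a deliberate simplification of how TZASC/TZMA regions and TZPC-controlled peripherals behave.

```python
"""Toy model of TrustZone access checks; constructed example, not ARM IP."""
from dataclasses import dataclass, field

SECURE, NONSECURE = "secure", "non-secure"


@dataclass
class Region:
    name: str
    base: int
    size: int
    secure_ok: bool = True       # Secure world (NS bit clear) may access
    nonsecure_ok: bool = False   # Normal world (NS bit set) may access


@dataclass
class Fabric:
    regions: list                                         # TZASC/TZMA-style regions
    peripherals: dict = field(default_factory=dict)      # TZPC-switched devices

    def memory_access(self, addr, ns):
        """Decide a transaction to `addr` whose NS bit is `ns` (True = Normal world)."""
        for r in self.regions:
            if r.base <= addr < r.base + r.size:
                return r.nonsecure_ok if ns else r.secure_ok
        return False  # unmapped address: fail closed

    def set_peripheral(self, name, state, caller_ns):
        """Only Secure world software may reprogram the protection controller."""
        if caller_ns:
            raise PermissionError("TZPC registers are Secure-world only")
        self.peripherals[name] = state

    def peripheral_access(self, name, ns):
        state = self.peripherals.get(name)
        if state is None:
            return False
        return True if not ns else state == NONSECURE


def pin_entry_demo():
    """Keypad and screen are Normal-world until a payment starts; returns decisions."""
    fab = Fabric(regions=[Region("secure SRAM", 0x0000_0000, 0x10000),
                          Region("DRAM", 0x8000_0000, 0x4000_0000, nonsecure_ok=True)])
    for dev in ("keypad", "screen"):
        fab.set_peripheral(dev, NONSECURE, caller_ns=False)
    before = fab.peripheral_access("keypad", ns=True)   # Rich OS reads keys: allowed
    for dev in ("keypad", "screen"):                    # payment requested: Secure Kernel takes over
        fab.set_peripheral(dev, SECURE, caller_ns=False)
    during = fab.peripheral_access("keypad", ns=True)   # Rich OS is now locked out
    sram = fab.memory_access(0x100, ns=True)            # Normal world cannot read secure SRAM
    return before, during, sram, fab.memory_access(0x8000_0000, ns=True)
```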

It is suggested that a complete “root of trust” process be used when booting the device. In many cases this is done via an integrated Boot ROM that runs the base OS and then loads the monitor and Secure OS. Once that completes, the Secure OS launches the traditional Rich OS, ensuring that no malicious code can enter the process.
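The boot sequence above (Boot ROM, then monitor and Secure OS, then Rich OS) is a chain in which each stage measures the next before handing over control. The following is an added model of that chain, not code from this page or from ARM; the image contents are constructed, and the check is a bare digest comparison where a real Boot ROM would verify a signature over the image.

```python
"""Toy chain-of-trust boot: Boot ROM -> monitor + Secure OS -> Rich OS.
Constructed example with digest checks; real boot code verifies signatures."""
import hashlib


def digest(blob: bytes) -> str:
    return hashlib.sha256(blob).hexdigest()


# Constructed stand-ins for the real firmware images
GOOD_IMAGES = {
    "monitor": b"monitor: save/restore world context, route SMC",
    "secure_os": b"secure os: PIN entry, key storage",
    "rich_os": b"rich os: open platform, e.g. Android",
}

# Reference digests held in the immutable Boot ROM (assumed fixed at manufacture)
ROM_TRUSTED = {k: digest(GOOD_IMAGES[k]) for k in ("monitor", "secure_os")}
# The Secure OS carries the digest of the only Rich OS it is allowed to launch
SECURE_OS_TRUSTED = {"rich_os": digest(GOOD_IMAGES["rich_os"])}


def boot(images: dict) -> list:
    """Return the stages that were verified and launched, in order.

    Each stage measures the next before transferring control, so a
    modified image stops the chain at the first failed check.
    """
    launched = []
    # Stage 1: Boot ROM checks the monitor and Secure OS against ROM digests
    for stage in ("monitor", "secure_os"):
        if digest(images.get(stage, b"")) != ROM_TRUSTED[stage]:
            return launched
        launched.append(stage)
    # Stage 2: the Secure OS, now running, checks the Rich OS before starting it
    if digest(images.get("rich_os", b"")) != SECURE_OS_TRUSTED["rich_os"]:
        return launched
    launched.append("rich_os")
    return launched


def modified(images: dict, stage: str) -> dict:
    """Return a copy of `images` with one stage altered (constructed, for the check)."""
    return {**images, stage: images[stage] + b" (altered)"}
```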

Advanced System Architecture

Advanced System (Tier Three) Architecture Block Diagram

The Advanced System Architecture is a complete superset of the Basic Architecture, ensuring that code portability and payment services are easily incorporated. The advanced system provides a cost-effective platform for digital rights management (DRM), with integration of the TrustZone Address Space Controller (TZASC) to protect areas of the RAM used to hold valuable content. The advanced architecture supports integration of media accelerators, such as the GPU, Video Engine and Display controller, all of which require knowledge of the processor's security state.


System IP Support

Security is an attribute of a whole system, not just a single component. ARM® TrustZone® technology allows the system to be more easily partitioned for security while maintaining hardware-backed protection for the security sub-system. Designing the security sub-system using TrustZone technology requires not only a TrustZone technology-enabled processor core, but also the bus fabric, secure memory and secure peripherals. ARM provides a range of System IP to provide the foundation of security sub-systems:

TrustZone System IP Components

  • CoreLink Interconnect (CCI-400, NIC-400): CoreLink Interconnect provides on-chip AMBA® connectivity and includes the features needed to create a system secured with TrustZone.
  • Advanced AMBA 3 Interconnect (NIC-301): The ARM AMBA® 3.0 AXI bus can propagate the secure status of the processor core to the memory and peripherals in the SoC and beyond.
  • TrustZone Address Space Controller (TZC-400): The latest ARM TZC provides enhanced capabilities for protecting data held in off-chip DRAM, including support for the AMBA4 protocols and the ability to protect content in DRM use cases.
  • TrustZone Address Space Controller (TZC-380): The TZASC acts as a security-enhanced memory protection unit, ensuring that areas of DRAM are only accessible in the Secure state.
  • TrustZone Memory Adaptor (BP141): The TZMA acts as a single-region TZASC for on-chip memory which needs to be accessible only in Secure mode.
  • TrustZone Protection Controller (BP147): The TZPC dynamically secures peripherals via software control.
  • TrustZone Interrupt Controller: Enables Normal and Secure interrupt prioritization if a GIC (MPCore-capable processor) is not present.

