Login

TEE Reference Documentation

With any complex software system it is critical to understand the interworking of different modules and the capabilities of the underlying hardware. To assist in the development of a Trusted Execution Environment, utilization of Secure Monitor capability, or review of a third-party TEE, ARM suggests that partners review the documentation listed below, and potentially look to join one of the many TrustZone training courses held globally each year.

ARM Architectural Reference Manuals

Comments: The ARM Architecture Reference Manuals define the implementation and instructions utilized in the TrustZone SMC plus variations within the exception model between v7 and v8 of the architecture.

T&Cs: These manuals require a www.arm.com account. Please register at https://login.arm.com/register.php or login via the link above. These documents are free of charge and non-confidential, however they are subject to specific terms outlined in their End User License Agreement.

ARM Technical Reference Manuals

Processor core Technical Reference Manuals (TRMs) are available from ARM Infocenter

Navigate to Cortex-A Series Processors, select the processor and revision you are interested in then select Contents. The TRM should be displayed if it is available.

Navigate to Cortex-A Series Processors, select the processor and revision you are interested in then select Contents. The TRM should be displayed if it is available.

Comments: The ARM Technical Reference Manuals define the behaviour and implementation of specific processors, and are useful in understanding the trade-offs and differences between processors. All Cortex processors support TrustZone technology. Cortex-A57 and Cortex-A53 processor TRMs are currently only available to processor licensees.

T&Cs: ARM Cortex-Ax manuals are available openly on infocentre.arm.com. ARM Cortex-A5x manuals currently require a non-disclosure agreement (NDA) – please contact your ARM representative if you wish to implement a relevant NDA.

Processor Errata

Software Developer's Errata are available from ARM Infocenter

Navigate to Cortex-A Series Processors and select the processor and revision you are interested in. The Processor Software Errata should be displayed if it is available.

Comments: The ARM Processor Errata documents define errata in the behaviour of specific processors, and are required to ensure that correct behaviour is achieved under the widest set of conditions. Any errata that impacts the security of the processor is immediate elevated to the highest categorization to ensure software vendors are aware of potential issues and workarounds. Cortex-A57 and Cortex-A53 processor errata are currently only available to processor licensees.

T&Cs: These manuals require a www.arm.com account. Please register at https://login.arm.com/register.php or login via the link above.  These documents are free of charge and non-confidential, however they are subject to specific terms outlined in their End User License Agreement.

White Papers

ARM Security Technology Building a Secure System using TrustZone Technology

Comments: The TrustZone White Paper introduces many of the concepts of TrustZone, TEE, Secure Operating Systems and specific application use cases.

T&Cs: This White Paper is available on http://infocenter.arm.com/ and is non-confidential.

Platform Design Documents

Trusted Base System Architecture Documents

Comments: ARM Platform Design Documents are system recommendations intended to guide silicon vendors as they make the various trade-offs between functionality, cost, complexity and time to market. The TBSA documents focus on the security requirements of complex SoCs for client and enterprise platforms. The documents are not required for the development or implementation of a TEE , however they may be useful in understanding the design choices made by different silicon vendors for various market requirements.

T&Cs: These system recommendations are available via the TrustZone Ready Program, and are subject to a Non-Disclosure Agreement. Please contact your ARM representative if you wish to implement the relevant agreements.

System IP for TrustZone

CoreLink Interconnect

CoreLink Interconnect provides on-chip AMBA® connectivity and includes the features needed to create a system secured with TrustZone
Product(s): CCI-400, NIC-400

Advanced AMBA 3 Interconnect NIC-301

The ARM AMBA® 3.0 AXI bus can propagate the secure status of the processor core to the memory and peripherals in the SoC and beyond
Product(s): NIC-301

TrustZone Address Space Controller

The latest ARM TZC provides enhanced capabilites for protecting data held in off chip DRAM.  This includes support for the AMBA4 protocols and the ability to protect content in DRM use cases. 
Product(s): TZC-400, TZC-380

TrustZone Memory Adaptor

The TZ MA acts as a single region TZ ASC for on-chip memory which needs to be access only in secure mode
Product(s): BP141

TrustZone Protection Controller

The TZ PC acts to dynamically secure peripherals via software control
Products(s): BP147

Comments: System IP is critical for the propagation of TrustZone secure state within the SoC and this section outline key components which are required to manage these signals. Other IP blocks, such as DRM, GPU, Video and Display Controllers will also be integrated into a secure SoC. These blocks may be from ARMs wide portfolio of IP, in which case please visit infoocentre.arm.com for more information, or they may be from third parties. If you are unsure please contact your silicon vendor for clarification.

T&Cs: The system IP manuals are available on http://infocenter.arm.com/.  These documents are free of charge and non-confidential.

TrustZone Training

ARM TrustZone Training

Comments: This course is designed to give platform developers a complete overview of designing trusted systems with ARM TrustZone technology. The course introduces the security extensions to the v6Z, v7-A and v8-A processors. Platform and software requirements to allow such operations as secure boot, DRM or Mobile Payment.

The course discusses a complete trusted system including:

  • Secure boot
  • Secure monitor
  • Trusted kernel and applications
  • Normal world OS drivers
  • Normal world application development
  • Platform design
  • Certification

T&Cs: Training courses are subject to contract. Please contact your local ARM Partner Manager or alternatively our Support team.

ARM Connected Community

TrustZone related blogs, discussions, technical content

 
Maximise


Cookies

We use cookies to give you the best experience on our website. By continuing to use our site you consent to our cookies.

Change Settings

Find out more about the cookies we set