
ARM® TrustZone® & TEE Basics


What is the ARM® TrustZone®?

TrustZone® is ARM's hardware solution for security. It is an on-chip security enclave providing hardware isolation and protection for sensitive material such as cryptographic keys, intellectual property and data. TrustZone-enabled SoCs are found in over a billion devices such as payment terminals, set-top boxes and mobile phones. TrustZone is fast becoming a standard way for IoT device makers to implement security. With TrustZone, security is designed into the product and secure functions are propagated throughout the product. This results in a more secure device. It is important to note that not all SoCs implement TrustZone the same way, which can affect your design.

For more details on the TrustZone®, please visit ARM’s website at http://www.arm.com/products/processors/technologies/trustzone.

What is the TEE?

TEE stands for Trusted Execution Environment. On top of the hardware foundation of the ARM® TrustZone® technology, the TEE adds a functional runtime environment with standards-compliant APIs, strong application separation through a security-focused microkernel, and strong protection of sensitive assets through access control and cryptography.

While TrustZone establishes the “Normal” (non-secure) and Secure worlds, the TEE mediates communication across these domains. Applications and functions in the Normal world can access secure functions in the TEE through the Secure Monitor, which acts as a gatekeeper. This means that only applications with the right credentials have access to resources protected by the TEE.

The TrustZone/TEE combination provides hardware and software isolation from the non-secure operations of the device. This allows sensitive data to be handled without the risk of exposure. In addition, because the integrity of the boot process is protected, the functions provided by the TEE are less likely to be compromised by malicious code.

The TEE is also used to secure access to peripherals by implementing peripheral drivers in the TEE. This protects access to peripherals such as persistent storage, memory and displays.

What are Trusted Applications?

Trusted Applications (TAs) are applications that reside in the TEE. They are resources that applications in the Normal world can access for specific secure functions such as storage and cryptography. There are two types of TAs – Static and Dynamic.

Static TAs
  • Encrypted, signed and part of the base firmware
  • Updates provisioned with new firmware
Dynamic TAs
  • Encrypted, signed and stored in REE file system
  • Loaded into TEE at run time: validate, decrypt, execute
  • Updatable dynamically, including via Over-The-Air (OTA) install

TAs are accessed only through the TEE Internal API and are active only while handling messages. They are also isolated by the MMU: each TA runs in its own address space and can be scheduled independently.
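As an added example (not code from this page, OP-TEE or CoreTEE), the following Python models the "validate" step of the dynamic-TA load sequence above: a signed, encrypted TA blob read from the REE file system is authenticated, matched against the requested UUID and checked for rollback before the TEE would decrypt and execute it. The image format is constructed for illustration, and HMAC-SHA256 stands in for the asymmetric signature a real TEE verifies with its root-of-trust key.

```python
import hashlib
import hmac
import struct
import uuid

MAGIC = b"TA01"                          # constructed: image format marker
HEADER = struct.Struct("<4s16sII")       # magic, TA UUID, version, payload length
TAG_LEN = hashlib.sha256().digest_size   # authentication tag size (32 bytes)


def build_ta_image(ta_uuid: uuid.UUID, version: int, enc_payload: bytes,
                   signing_key: bytes) -> bytes:
    """Vendor side: pack header + (already encrypted) payload, append tag.
    Models the 'encrypted, signed' form in which a dynamic TA is stored."""
    header = HEADER.pack(MAGIC, ta_uuid.bytes, version, len(enc_payload))
    tag = hmac.new(signing_key, header + enc_payload, hashlib.sha256).digest()
    return header + enc_payload + tag


def validate_ta_image(image: bytes, requested_uuid: uuid.UUID,
                      min_version: int, verify_key: bytes):
    """TEE side: the 'validate' step that gates decrypt and execute.
    Returns (status, encrypted_payload); payload is None unless status is OK."""
    if len(image) < HEADER.size + TAG_LEN:
        return "BAD_LENGTH", None
    magic, uuid_bytes, version, length = HEADER.unpack(image[:HEADER.size])
    if magic != MAGIC or len(image) != HEADER.size + length + TAG_LEN:
        return "BAD_FORMAT", None
    body, tag = image[:HEADER.size + length], image[HEADER.size + length:]
    # Authenticate header and payload before trusting any header field:
    # an attacker controlling the REE file system controls these bytes.
    expected = hmac.new(verify_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return "BAD_SIGNATURE", None
    if uuid.UUID(bytes=uuid_bytes) != requested_uuid:
        return "UUID_MISMATCH", None    # genuine image, but not the TA requested
    if version < min_version:
        return "ROLLBACK", None         # older signed image replayed after an update
    return "OK", body[HEADER.size:]     # safe to hand to decrypt, then execute


if __name__ == "__main__":
    key = b"constructed-root-key"       # constructed; a TEE uses a fused root key
    ta = uuid.UUID("00000000-0000-4000-8000-000000000001")  # constructed TA UUID
    img = build_ta_image(ta, 3, b"\x00" * 40, key)
    print(validate_ta_image(img, ta, 3, key)[0])        # OK
    print(validate_ta_image(img, ta, 4, key)[0])        # ROLLBACK
```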

How can I learn about building Trusted Applications?

We have made learning about writing TAs easy. OP-TEE is now ported to the Raspberry Pi 3-B! All you have to do is purchase a Raspberry Pi 3-B and get the associated SDK. Please note that while Raspberry Pi 3 does incorporate a TrustZone, the security functions are not propagated through the bus fabric. It should only be used as a learning tool and not for commercial deployment. You can purchase a Raspberry Pi 3 kit here (link Coming Soon!). You can also get the SDK, tutorials and code samples at https://github.com/OP-TEE/optee_os.

For commercial projects, we will soon be releasing a CoreTEE dev kit comprising an Atmel Xplained dev board and the CoreTEE SDK. If you would like to be notified when it becomes available, please send an email to info@sequiturlabs.com or use our contact form.

What is OP-TEE?

OP-TEE is an open source TEE project managed and promoted by the Security Working Group at Linaro. OP-TEE provides the “base-level” secure kernel along with the basic mechanism for secure interactions between the Normal and Secure worlds, and GlobalPlatform-compatible APIs for assured interoperability. While access to OP-TEE is free, a considerable amount of work is still required to make it work on a specific SoC. Sequitur Labs’ CoreTEE® is a commercially viable implementation of OP-TEE that represents a significant investment of time and resources and provides several critical enhancements necessary for rapid commercial implementation.

What enhancements does CoreTEE® provide over OP-TEE?

CoreTEE was developed with the specific intent of enhancing IoT and embedded systems security. This required developing specific capabilities to support IoT and embedded use cases as well as recognizing the varied deployment requirements of customers. CoreTEE’s enhancements include services such as:

  • Key management
  • Application provisioning
  • Built-in trusted applications
  • Trustworthy remediation
  • Pre-emptive scheduler in TEE
  • Support for manufacturing in untrusted facilities
  • Secure peripheral driver framework
  • Support for SoC specific security features

Want to schedule a one-on-one deep dive on CoreTEE? Click here.

CoreTEE® Info

What security scenarios are supported by CoreTEE?

CoreTEE supports multiple security scenarios and use cases and can help to strengthen security across nearly all industries. Take a look at our Use Cases.

Can CoreTEE be deployed on any SoC?

CoreTEE—or any TEE for that matter—must be ported to each SoC it supports. As mentioned earlier, not all TrustZone implementations are the same. This deep level of integration is necessary to support the specific architecture of the SoC, including memory subsystems, bus design and supported peripherals. CoreTEE currently supports the following SoCs:

  • Microchip: SAMA5D2 and SAMA5D4
  • NXP: LayerScape LS1043, QorIQ i.MX6 and i.MX7

If you would like to know specific aspects of the above SoCs that are supported by CoreTEE, sign up for a briefing HERE.

How is CoreTEE packaged?

CoreTEE is packaged flexibly in that there is a base platform and a suite of optional modules that help satisfy your specific use case. To learn more please call or email us at info@sequiturlabs.com.

How do you license CoreTEE?

Sequitur Labs licenses CoreTEE under several licensing schemes designed to meet customer needs. These include:

  1. Single Product License: This enables a manufacturer to make an unlimited number of one particular product with a single part number. It does not allow for variations in functionality, enhancements, or multiple part numbers.
  2. Product Family License: This enables an unlimited number of multiple, related products to be manufactured and sold. They may have different functionality and performance, but must be of the same product type.
  3. Processor (CPU) License: This enables an unlimited number of any type of product to be manufactured, as long as the products are based on a single microprocessor. Unlimited variations in functionality, performance, and product name are allowed.

Can you help me develop Trusted Applications?

Yes. We provide professional services that can help you with everything from concept and design to bespoke software development. Find out more about our Services or contact us.

Still have questions?

Contact us and we will get back to you as soon as possible.