Path: EDN Asia >> Design Centre >> Communications/Network >> ARM TrustZone elevates security of IoT devices

ARM TrustZone elevates security of IoT devices

12 Sep 2014 | Warren Kurisu


The banking application may itself run entirely in secure world, but the device can also switch out of secure world into normal world to access other applications such as a browser or email, or to perform other non-secure tasks. With this high-level understanding of TrustZone and secure world processing, we can now address how several aspects of the layered security model might be supported.

With regard to the network layer, networking interfaces to the outside world can be managed through the secure world. Interrupts arriving from designated interfaces can be mapped so that the system switches into secure world and the interrupt is handled by an application that executes there.

For example, this application can validate and authenticate the connection and connecting entity before actions with potential security implications are allowed to occur. It can also deny any connection that represents a potential threat before it can harm the system. Security measures to protect applications and data are enabled by using cryptographic hash functions such as SHA-256 and public/private cryptographic key pairs.

For example, when booting the system, loading an operating system, or downloading an application, one can compute a hash, or message digest, of the image. If the vendor also provides a digest of the image that was encrypted with the vendor's private key, the user can use the vendor's public key to decrypt the vendor-provided digest and compare it with the locally computed one. If the two match, then the user knows (1) the application or data came from an authorised party and (2) the application or data has not been tampered with.
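The check described above, written out as an added example (it is not code from the article or from Mentor Graphics): the vendor's signature is the SHA-256 digest of the image raised to the private exponent, textbook RSA without padding, which is exactly the "encrypt the digest with the private key, decrypt with the public key" model the paragraph uses. The key pairs are constructed from Mersenne primes so the toy parameters are unmistakable; the firmware bytes are constructed sample input. A production secure boot would use a standard padded scheme (RSA-PSS or ECDSA) with the public key held in secure-world storage, but the two properties the paragraph lists, origin and integrity, are the ones the three cases in `demo()` exercise.

```python
import hashlib
from typing import NamedTuple


class KeyPair(NamedTuple):
    n: int  # public modulus
    e: int  # public exponent
    d: int  # private exponent (vendor-only)


def make_keypair(p: int, q: int, e: int = 65537) -> KeyPair:
    """Textbook RSA key pair; p and q are assumed prime and coprime to e."""
    phi = (p - 1) * (q - 1)
    return KeyPair(p * q, e, pow(e, -1, phi))  # modular inverse, Python 3.8+


# Constructed toy keys: Mersenne primes make the modulus obviously non-production.
VENDOR = make_keypair((1 << 521) - 1, (1 << 127) - 1)
IMPOSTOR = make_keypair((1 << 607) - 1, (1 << 89) - 1)

FIRMWARE = b"constructed firmware image v1.0"  # constructed sample image


def image_digest(image: bytes) -> int:
    """SHA-256 message digest of the image, as an integer below the modulus."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big")


def sign_image(image: bytes, key: KeyPair) -> int:
    """Vendor side: 'encrypt' the digest with the private exponent."""
    return pow(image_digest(image), key.d, key.n)


def verify_image(image: bytes, signature: int, n: int, e: int) -> bool:
    """Device side: recover the vendor's digest with the public key and
    compare it with a digest computed locally over the received image."""
    if not 0 < signature < n:  # a signature from another modulus is malformed
        return False
    return pow(signature, e, n) == image_digest(image)


def demo() -> dict:
    """Genuine image verifies; a modified image or another signer's key does not."""
    good = sign_image(FIRMWARE, VENDOR)
    forged = sign_image(FIRMWARE, IMPOSTOR)
    return {
        "genuine": verify_image(FIRMWARE, good, VENDOR.n, VENDOR.e),
        "tampered": verify_image(FIRMWARE + b"\x00", good, VENDOR.n, VENDOR.e),
        "wrong_signer": verify_image(FIRMWARE, forged, VENDOR.n, VENDOR.e),
    }


if __name__ == "__main__":
    print(demo())
```

The device only ever needs `VENDOR.n` and `VENDOR.e`; the private exponent `d` never leaves the vendor, which is what makes the "came from an authorised party" conclusion hold.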

Likewise, sensitive data can be validated and stored in an area only accessible in the secure world, or critical data can be encrypted and safely stored in a database that lives in normal world. All of this processing, including storage of sensitive data and cryptographic keys, can be done in the TrustZone secure world before the application or data is allowed to execute in the normal world.


Hypervisor
To complicate matters, security exposures are being amplified due to the functional consolidation enabled by today's complex ARM-based multi-core SoC architectures. Many device manufacturers are moving to these homogeneous or heterogeneous multi-core SoC devices and consolidating heterogeneous operating environments and their applications in order to reduce the size, weight, and cost of their devices.

Also, as processing requirements rise with consolidation, power consumption is less of a concern due to the efficiency delivered by the ARM architecture. A hypervisor with ARM TrustZone support is critical in these consolidated, heterogeneous environments. The hypervisor enables consolidation across homogeneous cores by enforcing the separation of memory, devices, and applications on the multi-core SoC while increasing overall system reliability.

From a security perspective, a system architect can choose to enable secure world on all of the cores of the multi-core system or just one of the cores. However, in an asymmetric multi-processing (AMP) architecture, it might be best to consider using TrustZone on just one core as the system security gateway.

Enabling secure world mode on all cores may lead to secure world execution timing issues and resource contention, which could potentially increase the attack surface for security vulnerabilities.

The embedded device world is indeed becoming more functionally rich and connected. As the Internet of Things continues to expand and the value contained in, or the data accessible through, these devices continues to expand accordingly, security becomes a paramount consideration.

Leveraging ARM TrustZone in devices can help to address several layers of the layered security strategy for device manufacturers, application developers, and system integrators.

About the author
Warren Kurisu is the director of Product Management in the Mentor Graphics Embedded Systems Division. He oversees the embedded runtime platform business for Nucleus, Mentor Embedded Linux, Automotive Technology Platform, AUTOSAR, and virtualisation technologies.

