ARM Trusted Firmware
SoC developers and OEMs can benefit from a reference implementation of low-level secure world software known as ARM Trusted Firmware.
This software is available as open source on GitHub and includes trusted boot and a secure runtime that takes care of the switching between the non-secure (non-trusted) and secure (trusted) worlds using the Secure Monitor Call (SMC) Calling Convention (SMCCC). ARM Trusted Firmware can be integrated with a commercial or open source trusted OS to create a TEE.
To aid the system designer in creating a TrustZone-based TEE, ARM has created a number of documents, reference software and training courses. These documents include:
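What the secure runtime's monitor does with an SMCCC function identifier when the non-secure world issues an SMC, as an added example (a host-compilable C model, not ARM Trusted Firmware's own code): the field layout, owning-entity numbers and the NOT_SUPPORTED return value follow the SMC Calling Convention; the two handlers and the version values they return are constructed stand-ins.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* SMCCC function identifier layout (SMC Calling Convention). */
#define SMC_FAST_CALL   (1u << 31)      /* bit 31: 1 = fast call, 0 = yielding call */
#define SMC_64          (1u << 30)      /* bit 30: 1 = SMC64, 0 = SMC32 */
#define SMC_OEN_SHIFT   24              /* bits 29:24: owning entity number (OEN) */
#define SMC_OEN_MASK    0x3fu
#define SMC_MBZ_MASK    0x00fe0000u     /* bits 23:17: must be zero on a fast call */
#define SMC_FUNC_MASK   0xffffu         /* bits 15:0: function number */

#define SMCCC_RET_NOT_SUPPORTED ((int64_t)-1)   /* SMCCC: unrecognised function */

enum oen { OEN_ARM_ARCH = 0, OEN_CPU = 1, OEN_SIP = 2, OEN_OEM = 3,
           OEN_STD_SECURE = 4, OEN_STD_HYP = 5, OEN_VENDOR_HYP = 6,
           OEN_TRUSTED_APP_START = 48, OEN_TRUSTED_APP_END = 49,
           OEN_TRUSTED_OS_START = 50, OEN_TRUSTED_OS_END = 63 };

static inline unsigned smc_oen(uint32_t fid)     { return (fid >> SMC_OEN_SHIFT) & SMC_OEN_MASK; }
static inline unsigned smc_func(uint32_t fid)    { return fid & SMC_FUNC_MASK; }
static inline bool     smc_is_fast(uint32_t fid) { return (fid & SMC_FAST_CALL) != 0; }
static inline bool     smc_is_64(uint32_t fid)   { return (fid & SMC_64) != 0; }

/* Constructed stand-ins for real services; version replies are major<<16 | minor. */
static int64_t handle_arm_arch(uint32_t fid) {      /* OEN 0: SMCCC_VERSION is function 0 */
    return smc_func(fid) == 0 ? 0x10001 : SMCCC_RET_NOT_SUPPORTED;
}
static int64_t handle_std_secure(uint32_t fid) {    /* OEN 4: PSCI_VERSION is function 0 */
    return smc_func(fid) == 0 ? 0x10001 : SMCCC_RET_NOT_SUPPORTED;
}

/* Model of the monitor's dispatcher: validate the identifier, route by owning
 * entity, and answer everything else with NOT_SUPPORTED rather than faulting. */
int64_t smc_dispatch(uint32_t fid) {
    if (!smc_is_fast(fid))                  /* this model registers no yielding services */
        return SMCCC_RET_NOT_SUPPORTED;
    if (fid & SMC_MBZ_MASK)                 /* reserved bits set: malformed identifier */
        return SMCCC_RET_NOT_SUPPORTED;
    switch (smc_oen(fid)) {
    case OEN_ARM_ARCH:   return handle_arm_arch(fid);
    case OEN_STD_SECURE: return handle_std_secure(fid);
    default:             return SMCCC_RET_NOT_SUPPORTED;   /* no handler registered */
    }
}

int main(void) {
    printf("SMCCC_VERSION -> %#llx\n", (long long)smc_dispatch(0x80000000u));
    printf("PSCI CPU_ON (SMC64) -> %lld\n", (long long)smc_dispatch(0xC4000003u));
    return 0;
}
```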
- Trusted Base System Architecture (TBSA)
- Trusted Board Boot Requirements (TBBR)
- TrustZone Media Protection Architecture (TZMP)
To get access to these documents, please make a request via your account manager or FAE.
TrustZone technology for microcontrollers (Cortex-M)
The ARMv8-M architecture extends TrustZone technology to Cortex-M class systems, enabling robust levels of protection at all cost points. TrustZone for ARMv8-M has the same high-level features as TrustZone on application processors, with the key benefit that context switching between the secure and non-secure worlds is done in hardware for faster transitions and greater power efficiency. There is no need for any secure monitor software.
Embedded software developers enhance their productivity by developing TrustZone systems in the C language while maintaining the existing programmer's model for the non-secure side. Debugging is also supported, with debug access controlled separately for the secure and non-secure states.
TrustZone for Cortex-M is used to protect firmware, peripherals and I/O, and to provide isolation for secure boot, trusted update and root-of-trust implementations, while preserving the deterministic real-time response expected of embedded solutions.
Discover more technical information on TrustZone for ARMv8-M