System-Wide Security for IoT Devices
TrustZone technology for Arm Cortex-M processors enables robust levels of protection at all cost points for IoT devices. The technology reduces the potential for attack by isolating the critical security firmware, assets and private information from the rest of the application. It provides the perfect starting point for establishing a device root of trust based on Platform Security Architecture (PSA) guidelines.
Features and Benefits
TrustZone provides a foundation for system-wide security and the creation of a trusted platform. Any part of the system can be designed as part of the secure world, including debug, peripherals, interrupts and memory.
TrustZone allows SoC designers to choose from a range of components that fulfil specific functions within the secure environment. TrustZone is supported by Corstone reference packages, helping companies develop systems faster.
Developers can create TrustZone systems using familiar languages while maintaining the existing programmer’s model. Also, TrustZone is supported by a comprehensive ecosystem of RTOS, compiler, debug, and trace solutions.
Talk with an Expert
Looking for advice on how to implement security with TrustZone? Talk with an Arm expert.
Products Built with TrustZone Technology
The smallest and lowest-power microcontroller with TrustZone security, making it the ideal processor for applications where software isolation and software security are required.
Optimized for applications that require security or digital signal control.
Combines physical resilience and system safety functions, as well as TrustZone technology.
Arm’s most AI-capable Cortex-M processor and the first to feature Arm Helium technology, bringing a significant uplift in power-efficient ML and DSP performance for IoT devices.
There are a number of Corstone packages, depending on device requirements. Explore the right one for your project.
Supporting Architecture and Products
Platform Security Architecture
The Platform Security Architecture (PSA) is a common industry framework for IoT devices. PSA helps developers define a consistent level of security by providing principles and deliverables, including threat models, architecture specifications and open source firmware. A key security goal outlined in PSA is isolation—exactly where Arm TrustZone provides a perfect implementation.
Trusted Firmware-M (TF-M) is an open source, secure world firmware solution offering reference documents, specifications, and APIs of PSA-trusted code for Armv8-M-based microcontrollers. TF-M forms the foundations of a Trusted Execution Environment (TEE) on the microcontroller secure processing environment.
Arm Mbed OS is an open-source embedded operating system for the development of IoT connected products. Mbed OS includes standards-based security and connectivity stacks, an RTOS kernel, and remote device management.
TrustZone for Cortex-A
Arm TrustZone technology is used on billions of applications processors to protect high-value code and data. Within Arm Cortex-A processors, software either resides in the secure world or the non-secure world; a switch between the two is accomplished via software referred to as the secure monitor.
- Challenges of Delivering and Protecting Third-party Firmware Libraries on Microcontroller Systems
- Armv8-M Architecture Technical Overview
- Software Development in Armv8-M Architecture
- High-End Security Features for Low-End Microcontrollers
Visit our developer website to explore for more TrustZone resources, including technical documentation, hands-on webinars, and where to go for expert advice.