Embedded Security with ARM TrustZone
Enabling security in embedded software for ARM-based devices
ARM® TrustZone™ can be thought of as a hardware-based solution that is able to define a subset of the SoC for access by software. Users are able to define hardware resources as normal or secure. Software that is designated as secure world software has access to all of the hardware IP present in the SoC, while software that is designated as normal world software, can only access those hardware elements that are defined as normal or “non-secure”.
As powerful as ARM TrustZone is, it needs additional software support to effectively provide a secure environment, particularly when these embedded devices are running on multicore SOC and require multi-OS support.
Mentor Embedded Hypervisor and ARM Trust Zone
Virtualization technology
Virtualization technology integrates support for the ARM TrustZone at its core, enabling applications to effectively:
Guarantee separation of multiple, non-secure applications
Mentor Embedded Hypervisor includes integrated support for the ARM TrustZone system security architecture and addresses security issues and challenges by enabling strong isolation and containment of guest operating environments.
Enable separation of normal world resources from secure world
Functioning at the highest privilege level in a system, the hypervisor can enforce the partitioning of memory and devices to ensure that misbehaving applications, either intentional or malicious, cannot disrupt or corrupt other areas of the system.
Share peripherals while maintaining application robustness
For applications requiring hardware-based partitioning of resources such as memory, crypto blocks, and keyboard/ screens the hypervisor supports a completely separate secure-world operating environment. Mentor Embedded Hypervisor effectively addresses a broad range of embedded device security requirements by extending the limitations of hardware-only system partitioning.
Android is a trademark of Google Inc. Use of this trademark is subject to Google Permissions. Linux is the registered trademark of Linus Torvalds in the U.S. and other countries.