An Introduction to TrustZone

2017 年 09 月 15 日   ソリューション統括部

The Internet of Things (IoT) is growing at an excellent pace, with connected embedded intelligence becoming an integral part of people's lives at an individual, industrial and societal level. ARM TrustZone technology is a system-wide approach to security for system-on-chip (SoC) designs. It is hardware-based security built into the heart of CPUs and systems and used by semiconductor chip designers who want to provide security to devices, such as root of trust. TrustZone technology is available on any ARM Cortex-A based system.

So what is Trust Zone?

At the heart of the TrustZone approach is the concept of secure and non-secure worlds that are hardware-separated from each other. Within the processor, software either resides in the secure world or the non-secure world; a switch between these two worlds is accomplished via software in Cortex-A processors (referred to as the secure monitor). This concept of secure (trusted) and non-secure (non-trusted) worlds extends beyond the CPU. It also covers memories, on-chip bus systems, interrupts, peripheral interfaces and software within a SoC.
There is a Four Compartment Security model implemented in ARM. They are as below:

1. Normal World - With which USER/SYSTEM modes will work
2. Hypervisor Mode - were Virtual OS can run
3. Trusted World - were trusted application and OS resides.
4. Secure Elements - offering Tamper proof secured processing and storage.
   The Following is the Outline of Trusted Zone

Features of ARM TrustZone

The main Features of ARM TrustZone are as follows:

1. TrustZone provides Hardware Isolation
   Each of the Physical cores will be divided into two virtual isolated cores with names Secure World and Normal World.
2. Monitor Mode
   This is a mechanism to switch between secure mode and normal mode. In other words we could say this monitor mode as the gate keeper to secure world. Monitor Mode can be selected by using SMC (Secure Monitor Calls) instructions and by some exceptions.
3. CPU state is carried out to the AXI bus
   Secure mode can be enabled by setting AXI bus bit AxProt [1]. A '0' here means secure and a '1' means non secure mode. This will allow implementation of secure-aware peripherals.
   As an Example Let us look into the Trust Zone Architecture of NXP's i.MX SoC.

How Arm TrustZone Works

From the block diagram above we could distinguish what are the special internals that constitute the TrustZone environment in i.MX. The main components that constitute TrustZone in i.MX are as follows:

1. Generic Interrupt controller (GIC):- Used to distinguish the interrupts from secure world and non-secure world
2. TrustZone Watchdog Timer (TZ WDOG): - The TrustZone Watchdog (TZ WDOG) timer module protects against TrustZone starvation by providing a method of escaping normal mode and forcing a switch to the TZ mode. TZ starvation is a situation where the normal OS prevents switching to the TZ mode. Such a situation is undesirable as it can compromise the system's security.
3. TZ Address Space Controller (TZASC):- The TZASC provides security address region control functions required for intended application. It is used on the path to the DRAM controller.
4. Central Security Unit (CSU):- will determine the security level operation mode as well as the TZ policy. CSU enforces the access rights to peripherals for secure and non-secure modes

Working of TrustZone in Freescale i.MX SoC's.

TrustZone functionality depends on the SCU register. As you can see in the following figure the NS bit in Secure Configuration Register decides the TrustZone Functionality of the SoC.
By setting '0' to the NS bit in SCU makes the TrustZone configured memory and Peripherals to go live.

How to Secure Peripherals?

This can be done by the CSU. Each peripherals including DMA peripherals can be configured separately for TrustZone. These peripherals will be monitored by CSU.

How to Secure Memory?

TZASC (TrustZone Address space controller) will do the secure memory Management for TrustZone. There will be separate MMU Page tables, TLB and Cache memory for secure and non-Secure operations. TZASC will isolate secure memory and non-secure memory from each other. Each of the eight memory (in the case of i.MX) regions can be configured with different security permissions.

CPU Architecture support for ARM TRustZone

For supporting TrustZone, ARM has implemented an Extra processor execution level called EL3 in ARMv8 and Secure Monitor in ARMv7. Secure Monitor Calls are used to get the CPU enter into EL3 Mode.

Memory Architecture support for ARM TRustZone

MMU provides 2 virtual address spaces separately for Secure and non-secure world operations. The TLB and cache entries will have an additional tag to identify the world (Secure or Non-Secure world) that used it.

Posted by vi