TrustZone – Arm Developer

This document is the non-proprietary security policy for Arm® TrustZone® CryptoCell-712. It describes how CryptoCell-712 meets the security requirements of FIPS 140-2 and how to operate CryptoCell-712 securely, in a FIPS-compliant manner. This policy is …

ARM TrustZone Hacked By Abusing Power Management - Slashdot
TrustZone is a terrible architecture. It started as a hash-for-secure-boot and then had more and more crap bolted onto it without rhyme or reason as the marketing folks sold it as all things to all people, with most of what was bolted on only partly finished or debugged, if that.

What is TrustZone and how does Samsung Knox use it? - The …
Knox is Samsung's defense-grade security platform built into our latest mobile devices. To keep our devices secure, Knox leverages a processor architecture known as ARM TrustZone. In TrustZone there are two worlds, the Normal World and the Secure World. Virtually all smartphone software as we know it today still runs in the Normal World.

Arm TrustZone Technology
Arm TrustZone technology offers an efficient, system-wide approach to security with hardware-enforced isolation built into the CPU. It provides a starting point for establishing a device root of trust based on Platform Security Architecture (PSA) guidelines.

TrustZone itself is a hardware isolation mechanism; a TrustZone-based TEE is the software stack that implements the GlobalPlatform TEE specifications on top of it (OP-TEE is one open-source example). Such a TEE is a hybrid approach that uses both hardware and software to protect data. [7] [8] Because the isolation boundary is enforced by the processor rather than only by the rich operating system, it offers a level of security sufficient for many applications.

Demystifying Arm TrustZone: A Comprehensive Survey: ACM
TrustZone is a System-on-Chip and CPU system-wide security solution, available on today's Arm application processors and present in the new generation of Arm microcontrollers, which are expected to dominate the market of smart "things."

ARM TrustZone for dummies - YouTube
Sep 01, 2019

Trusted Computing Building Blocks for Embedded Linux …

ARM Cortex-M TrustZone
Secure/Non-Secure, Trusted/Non-Trusted. Arm TrustZone on Cortex-M is a solution to the above problem. It introduces another, orthogonal level of access rights, called Secure/Non-Secure (also at times called Trusted/Non-Trusted), on top of the existing Privileged/Unprivileged split. The processor can now be in one of four access levels: Non-Secure Unprivileged; Non-Secure Privileged; Secure Unprivileged; Secure Privileged. The security state is decided per address by the SAU/IDAU, and the privilege level by the MPU; the two checks are independent, so privileged Non-Secure code still cannot reach Secure memory.

Reflections on Trusting TrustZone - Black Hat
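The four access levels above are easiest to see as a decision table. The following is an added example written for this page, not code from Arm or from any of the cited sources: a plain-C software model of how an Armv8-M (Cortex-M33 class) core combines the Secure/Non-secure attribute of an address with the Privileged/Unprivileged level. The memory map, addresses, region names and the `check_access` function are all hypothetical; real hardware gets the security attribute from the SAU/IDAU and the privilege check from the MPU, and additionally requires that a Non-secure branch into NSC memory land on an SG instruction, which this model does not verify.

```c
/*
 * Added example (not Arm's code): software model of Armv8-M TrustZone
 * access checks. Memory map, addresses and names are constructed for
 * illustration; this is not a SAU/IDAU/MPU driver.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef enum { NS_STATE = 0, S_STATE = 1 } sec_state_t;   /* processor security state */
typedef enum { UNPRIV = 0, PRIV = 1 } priv_t;             /* privilege level (MPU) */
typedef enum { ATTR_NS, ATTR_S, ATTR_NSC } attr_t;        /* what SAU/IDAU report for an address */
typedef enum { ACC_DATA, ACC_FETCH } access_t;
typedef enum { V_OK, V_SECURE_FAULT, V_MEM_FAULT, V_UNMAPPED } verdict_t;

typedef struct {
    uint32_t    base, limit;   /* inclusive address range */
    attr_t      attr;
    bool        priv_only;     /* MPU region: privileged access only */
    const char *name;
} region_t;

/* Constructed memory map (hypothetical addresses, not a real SoC). */
static const region_t memory_map[] = {
    { 0x00000000u, 0x0007FFFFu, ATTR_S,   true,  "secure boot/firmware flash" },
    { 0x00080000u, 0x0008FFFFu, ATTR_NSC, false, "NSC veneers (SG entry points)" },
    { 0x00100000u, 0x001FFFFFu, ATTR_NS,  false, "non-secure application flash" },
    { 0x20000000u, 0x2000FFFFu, ATTR_S,   false, "secure SRAM (keys, TA state)" },
    { 0x20010000u, 0x2001FFFFu, ATTR_NS,  false, "non-secure SRAM" },
    { 0x20020000u, 0x2002FFFFu, ATTR_NS,  true,  "non-secure RTOS kernel data" },
};
#define NREGIONS (sizeof memory_map / sizeof memory_map[0])

static const region_t *find_region(uint32_t addr)
{
    for (size_t i = 0; i < NREGIONS; i++)
        if (addr >= memory_map[i].base && addr <= memory_map[i].limit)
            return &memory_map[i];
    return NULL;
}

/*
 * Decide whether an access from (state, priv) to addr is allowed.
 * The security-state check comes first and ignores privilege, so
 * Non-secure *privileged* code still cannot reach Secure memory.
 * The privilege (MPU) check then applies in whichever world the
 * access lands in.
 */
verdict_t check_access(sec_state_t state, priv_t priv, uint32_t addr, access_t kind)
{
    const region_t *r = find_region(addr);
    if (r == NULL)
        return V_UNMAPPED;

    if (state == NS_STATE) {
        /* Secure memory is invisible to the Non-secure world. */
        if (r->attr == ATTR_S)
            return V_SECURE_FAULT;
        /* NSC memory may only be entered by a fetch (landing on SG);
         * a Non-secure data read/write of it is a SecureFault. */
        if (r->attr == ATTR_NSC && kind != ACC_FETCH)
            return V_SECURE_FAULT;
    } else {
        /* Secure code may read/write Non-secure data, but fetching from
         * Non-secure memory while still in Secure state is an invalid
         * transition: the world switch must go through BXNS/BLXNS. */
        if (r->attr == ATTR_NS && kind == ACC_FETCH)
            return V_SECURE_FAULT;
    }

    if (r->priv_only && priv == UNPRIV)
        return V_MEM_FAULT;

    return V_OK;
}

static const char *verdict_str(verdict_t v)
{
    static const char *const s[] = { "OK", "SecureFault", "MemManage", "unmapped" };
    return s[v];
}

int main(void)
{
    /* Walk all four access levels against every region with a data access. */
    const char *state_name[] = { "Non-secure", "Secure" };
    const char *priv_name[]  = { "unprivileged", "privileged" };
    for (int st = 0; st < 2; st++)
        for (int pv = 0; pv < 2; pv++) {
            printf("%s %s:\n", state_name[st], priv_name[pv]);
            for (size_t i = 0; i < NREGIONS; i++)
                printf("  %-32s data -> %s\n", memory_map[i].name,
                       verdict_str(check_access((sec_state_t)st, (priv_t)pv,
                                                memory_map[i].base, ACC_DATA)));
        }
    return 0;
}
```

The ordering of the two checks is the security-relevant point: privilege is a property within a world, not a way across the world boundary, which is why the model reports a SecureFault for Non-secure privileged code touching Secure SRAM but a MemManage fault for Non-secure unprivileged code touching the Non-secure kernel's data.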