TrustZone technology for Armv8-M

The Armv8-M architecture extends TrustZone technology to Cortex-M based systems, enabling robust levels of protection at all cost points. TrustZone reduces the potential for attack by isolating the critical security firmware and private information, such as secure boot, firmware update, and keys, from the rest of the application.

TrustZone technology offers an efficient, system-wide approach to security with hardware-enforced isolation built into the CPU. It does this by running two domains, Secure and Non-secure, side by side and sharing resources according to a set configuration.

Diagram showing Arm TrustZone secure and non-secure

Webinars

A guide to securing your IoT device using TrustZone for Cortex-M

Examine important concepts such as Secure and Non-secure domains, setting up a TrustZone RTOS, and debugging a secure application.

Getting started with TrustZone for Cortex-M

Learn to develop a secure application starting with architecture design and isolation and ending with implementation. Watch a demo using the Microchip SAML11 TrustZone-enabled microcontroller.

Achieving a secure execution environment on NXP TrustZone-enabled MCUs

Implement a secure execution environment for microcontrollers. Learn how to maintain real-time and low-power properties of the system using NXP’s LPC5500 MCU series.

Using the TrustZone-enabled NuMicro M2351 and CMSIS-Zone

Develop secure IoT applications on Nuvoton’s NuMicro M2351. Learn how to apply the approach on real target hardware, using CMSIS-Zone for setting up the Secure and Non-secure partitions.

Working with TrustZone in a Secure IAR Systems Workflow

Set up a secure development workflow using IAR Embedded Workbench and IAR Systems’ new tool C-Trust. Learn how to use IAR Embedded Workbench to create reliable, efficient TrustZone-based applications.

Documentation

TrustZone technology for the Armv8-M architecture

This document describes the security states, memory partitions, switching between states and calling of secure functions.

Using TrustZone on Armv8-M

This application note explains the features that are available in CMSIS and MDK to utilize the Secure and Non-secure domains in the Armv8-M architecture.

System design for Armv8‑M

This document illustrates a system design with the key extra components and logic that are required to support an Armv8‑M-based microcontroller.

The Armv8-M architecture reference manual

This manual documents the microcontroller profile of the Armv8-M architecture.

Fault handling and detection

A document that describes fault handling and detection in Armv8-M processors.

Secure software guidelines for Armv8‑M based platforms

This document describes new requirements for creating secure software for an Armv8‑M based platform.

Armv8‑M processor debug

This document describes the debug facilities that are provided by Armv8-M.

Armv8‑M exception handling

The document describes how the processor responds to an exception, the properties that are associated with each exception, such as its priority level, and the exception return behavior.

RTOS design considerations for Armv8‑M based platforms

This paper describes the changes in the Armv8‑M architecture compared to previous Armv6‑M and Armv7‑M architectures.

ACLE extensions for Armv8‑M

The Arm C Language Extensions (ACLE) for Armv8‑M describes what updated tools need to do to build a Secure image and to enable a Non-secure image to call a Secure image.

Armv8-M processor power management secure state protection

This document describes the interaction between power management in the processor and security implications.

Training

TrustZone for Armv8-M

Gain knowledge on the new security features that have been added to the Armv8-M architecture and understand how it is possible to configure the Security Attribution Unit (SAU) to set up Secure and Non-secure memory regions.

TrustZone for Armv8-M secure system design

Understand the architectural features that underpin the security partitioning at a software level and how security can be implemented in the wider system using AMBA AHB5.

Software and tools

CMSIS-Pack

CMSIS-Packs are software packs for specific MCU devices. They include source, header, and library files along with documentation, source code templates, and example projects.

Trusted Firmware-M

Trusted Firmware-M (TF-M) provides open-source reference documents, specifications and APIs of PSA-trusted code for Armv8-M based microcontrollers.

Keil MDK

Keil MDK includes all the components you need to build and debug Arm-based embedded applications. Components include Arm Compiler, IDE, debugger, RTOS, middleware and more.

TrustZone-enabled microcontrollers


Get support

Arm support

Arm training courses and on-site system-design advisory services enable licensees to realize maximum system performance with lowest risk and fastest time-to-market.

Community Blogs

Community Forums

Discussion What is the top level difference in features between Cortex-M33 and Cortex-M4?
  • Cortex-M23
  • Trace
  • ACE
  • AXI
  • CHI
  • Security
  • Cortex-M3
  • Cortex-M
  • TrustZone
  • Cortex-M33
  • Armv8-M
  • Cortex-M4
  • Internet of Things (IoT)
  • AHB
  • Interrupt
0 votes 8634 views 1 replies Latest 16 days ago by bodybeacon Answer this
Not answered Use DS-5 MPS2_CM33 FVP in non-secure mode ? 0 votes 286 views 0 replies Started 20 days ago by ilchang Answer this
Suggested answer Calling non-secure Reset Handler from Secure main
  • Cortex-M33
  • Armv8-M
0 votes 758 views 1 replies Latest 28 days ago by Radhika Raghavendran Answer this
Suggested answer SAU configuration failure
  • TrustZone for Armv8-M
  • Cortex-M33
0 votes 647 views 1 replies Latest 28 days ago by Radhika Raghavendran Answer this
Suggested answer Context protection when calling a secure function(NSC) in a non-secure interrupt function 0 votes 4539 views 10 replies Latest 4 months ago by Yang Zhang Answer this
Suggested answer How to place FreeRTOS in secure memory and the user tasks in non-secure memory?
  • TrustZone
  • Armv8-M
0 votes 13017 views 21 replies Latest 4 months ago by Joseph Yiu Answer this