TrustZone technology for Armv8-M

The Armv8-M architecture extends TrustZone technology to Cortex-M based systems, enabling robust levels of protection at all cost points. TrustZone reduces the potential for attack by isolating the critical security firmware and private information, such as secure boot, firmware update, and keys, from the rest of the application.

TrustZone technology offers an efficient, system-wide approach to security with hardware-enforced isolation built into the CPU. It does this by running two domains side-by-side and sharing resources per set configuration.

Diagram showing Arm TrustZone secure and non-secure

Webinars

A guide to securing your IoT device using TrustZone for Cortex-M

Examine concepts like Secure and Non-secure domains, setting up a TrustZone RTOS, and debugging a secure application.

Watch now

Getting started with TrustZone for Cortex-M

Develop a secure application starting with architecture design and isolation and ending with implementation. Watch a demo using the Microchip SAML11 TrustZone-enabled microcontroller.

Watch now

IoT security for software developers: how PSA can help...

Secure your IoT products with Platform Security Architecture (PSA) APIs, TrustZone technology and Trusted Firmware-M.

Watch now

The Platform Security Architecture APIs

Learn to design IoT devices and use the PSA Functional APIs to build a secure product.

Watch now

Achieving a secure execution environment on NXP TrustZone-enabled MCUs

Implement a secure execution environment for microcontrollers. Learn how to maintain real-time and low-power properties of the system using NXP’s LPC5500 MCU series.

Watch now

Using the TrustZone-enabled NuMicro M2351 and CMSIS-Zone

Develop secure IoT applications on the Nuvoton NuMicro M2351. Learn how to apply the approach on real target hardware, using CMSIS-Zone for setting up the Secure and Non-secure partitions.

Watch now

Working with TrustZone in a secure IAR Systems workflow

Set up a secure development workflow using IAR Embedded Workbench and IAR Systems C-Trust tool. Use IAR Embedded Workbench to create reliable, efficient TrustZone-based applications.

Watch now

Secure IoT with Microchip and Kinibi-M

Use the Trustonic Kinibi-M to program a MicroChip SAML11 microcontroller, based on the Arm Cortex-M33 processor with TrustZone technology. Generate secure messages that a server or cloud can validate from a device for decryption and display.

Watch now

Documentation

Software developers guide to IoT security

Learn key concepts for developing secure IoT applications including analyzing a system, creating and implementing secure software, and certifying that a system is secure.

Read here

TrustZone technology for the Armv8-M architecture

Learn about the Security states, memory partitions, switching between states, and calling of Secure functions.

Read here

Using TrustZone on Armv8-M

Learn about the features in CMSIS and Keil MDK,so that you can use the Secure and Non-secure domains in the Armv8-M architecture.

Read here

The Armv8-M architecture reference manual

Examine the microcontroller profile of the Armv8-M architecture.

Read here

Fault handling and detection

Learn about how to detect and manage faults in Armv8-M processors.

Read here

Secure software guidelines for Armv8‑M based platforms

Examine the requirements for creating secure software on an Armv8‑M-based platform.

Read here

Armv8‑M processor debug

Learn how to handle the various debug event sources on the Armv8-M architecture.

Read here

Armv8‑M exception handling

Examine how the processor responds to an exception, the properties associated with each exception, and the return behavior.

Read here

RTOS design considerations for Armv8‑M based platforms

Learn about the processor features that have been extended in the Armv8-M architecture that can affect RTOS design.

Read here

System design for Armv8‑M

Examine a system design with the extra components and logic that are required to support an Armv8‑M-based microcontroller.

Read here

ACLE extensions for Armv8‑M

Learn about the Arm C Language Extensions (ACLE) for the Armv8-M architecture and how they build a Secure image.

Read here

Armv8-M processor power management secure state protection

Learn about the interaction between processor power management and security implications.

Read here

Training

TrustZone forArmv8-M

Learn about the security features in the Armv8-M architecture and understand how to configure the Security Attribution Unit to set up Secure and Non-secure memory regions.

Learn more

TrustZone for Armv8-M secure system design

Examine the architectural features that underpin the security partitioning at a software level and how security can be implemented in the wider system using AMBA ABH5.

Learn more

Software and tools

Mbed OS

Mbed OS is a leading open-source RTOS for Arm processors. Use Mbed OS to develop IoT software, generate optimized code with Arm C/C++ Compiler and run code on hundreds of hardware platforms.

Learn more

CMSIS-Pack

A CMSIS-Pack is a software pack that includes source, header, and library files, and documentation, source code templates, and example projects. The pack enables proactive software deployment for specific MCU devices.

Learn more

Trusted Firmware-M

Trusted Firmware-M provides open-source reference documents, specifications, and APIs of PSA-trusted code for Armv8-M based microcontrollers to help you build secure devices.

Learn more

Keil MDK

Keil MDK includes the components that you need to build and debug Arm-based embedded applications, including Arm Compiler, IDE, debugger, RTOS, and middleware.

Learn more

TrustZone-enabled microcontrollers

Get support

Community Forums

Suggested answer Arm Musca A1 - SRAM0 MPC Security attribute during boot
  • Musca-A
  • TrustZone for Armv8-M
  • CoreLink SSE-200
 0 votes 454 views 1 replies Latest 17 days ago by Daniel Oliveira Answer this
Suggested answer Switching from 32bit to 64bit 0 votes 450 views 1 replies Latest 27 days ago by 42Bastian Schick Answer this
Not answered MPU_S and cmse_check_address_range 0 votes 1714 views 0 replies Started 5 months ago by EugeneH Answer this
Answered Non-secure configuration of UART1 on Arm Musca-A1
  • Musca-A
  • TrustZone for Armv8-M
 0 votes 6317 views 4 replies Latest 6 months ago by Daniel Oliveira Answer this
Suggested answer Limit NSC calls to specified RTOS tasks. 1 votes 4966 views 1 replies Latest 8 months ago by Ken.Liu Answer this
Suggested answer How to write values ​​from secure code to non-secure memory.
  • TrustZone for Armv8-M
 0 votes 5068 views 1 replies Latest 8 months ago by Uma Ramalingam Answer this
Suggested answer Arm Musca A1 - SRAM0 MPC Security attribute during boot Latest 17 days ago by Daniel Oliveira 1 replies 454 views
Suggested answer Switching from 32bit to 64bit Latest 27 days ago by 42Bastian Schick 1 replies 450 views
Not answered MPU_S and cmse_check_address_range Started 5 months ago by EugeneH 0 replies 1714 views
Answered Non-secure configuration of UART1 on Arm Musca-A1 Latest 6 months ago by Daniel Oliveira 4 replies 6317 views
Suggested answer Limit NSC calls to specified RTOS tasks. Latest 8 months ago by Ken.Liu 1 replies 4966 views
Suggested answer How to write values ​​from secure code to non-secure memory. Latest 8 months ago by Uma Ramalingam 1 replies 5068 views