A tamper-resistant Cortex-M processor with optional software isolation using TrustZone for Armv8-M.

Block Diagram on Cortex-M35.


For embedded developers seeking to hinder physical tampering and achieve a higher level of security certification, Arm offers the Cortex-M35P: a robust, high-performing processor. It builds upon the proven Arm Cortex-M technology deployed in billions of SoCs, making physical and software security accessible for all developers. 

Physical security is generally complex – however, the ease-of-use of the Cortex-M35P processor, combined with the support of Arm and the Arm ecosystem, now open the door for embedded developers to deliver many new devices with physical resilience at the heart.

Why choose Cortex-M35P?


Design confidently
Based on proven, widely-supported security technology

Protect flexibly
Physical security with optional advanced features

Accelerate success
Broad IP portfolio and ecosystem support

  • Extends the physical resilience technology deployed in billions of SecurCore processors

  • Incorporates TrustZone technology, supported in billions of Cortex-A based devices

  • Reuses existing knowledge with the same programmers’ model deployed by millions of Cortex-M developers

  • Adds physical resilience to the familiar Cortex-M family, without compromising performance

  • Flexible, with optional features for advanced functionality, including signal processing

  • Extra safety (lockstep, configurable parity, observability) for system safety functions

  • Optimized fit within our comprehensive Arm security solution portfolio

  • Easy to integrate - reuse existing software built on Cortex-M based devices

  • Supported by the world’s #1 embedded ecosystem with the largest open knowledge base



Integrated or Embedded Secure Elements

Secure embedded applications






Biometric data

Key technical features

Cortex-M35P extends the anti-tampering features of the SecurCore family of processors, making this state-of-the art technology available to Cortex-M developers. Robust embedded security is more accessible than ever with the benefits of both physical and software security, using the optional TrustZone isolation.

Resilience against physical attacks

When the value of the protected assets is high, then hackers will resort to physical attacks on the device. The processor is built with multiple elements to protect from and detect such attacks.

TrustZone for Armv8-M

A foundation for security for embedded devices. TrustZone offers software isolation to code, memory and I/O while retaining the requirements of embedded applications: real-time deterministic response, minimal switching overhead, and ease of software development.

Interested in learning how to program Secure and Non-secure domains on a processor with TrustZone?

Explore more resources and get your questions answered on our TrustZone for Armv8-M Community.

Instruction cache

An integrated cache improves performance when running from embedded flash. The cache is resilient to physical attacks. The user can modify the customizable cache parity into an ECC (error correcting code) for safety applications.

Co-processor interface

A dedicated bus for extending the operation of the processor with tightly coupled co-processors to handle frequent and compute intensive operations in an ecosystem friendly manner. The interface supports up to eight accelerators and takes into account the security state of the co-processor.

Digital Signal Processing (DSP), SIMD, saturating arithmetic, fast MAC

Powerful instruction set for accelerating DSP applications, built right into the processor. A highly optimized DSP library built using these instructions is available free-of-charge from the Arm website (CMSIS Library).

Memory Protection Unit (MPU)

Software reliability and system security improves when each module is allowed access only to specific areas of memory required for it to operate. This protection prevents unexpected access that may overwrite critical data. Each of the security zones can have a dedicated MPU that may be configured with a different number of regions. Programming the regions is easier, removing the constraint to align regions on power-of-two size.

Integrated Nested Vectored Interrupt Controller (NVIC)

There is no need for a standalone external interrupt controller. Interrupt handling is taken care of by the NVIC removing the complexity of managing interrupts manually via the processor.

Powerful debug and non-intrusive real-time trace

Comprehensive debug and trace features dramatically improve developer productivity. Debug support and cycle accurate non-intrusive instruction and data trace for all stages of development supports high stakes secure projects as they move through development lifecycle.

The Cortex-M35P processor achieves an optimal blend between real-time determinism, energy efficiency, software productivity and a robust security foundation, using isolation to protect valuable IP and data with TrustZone technology and physical security.



Armv8-M Mainline (Harvard)

ISA Support




Software security

Optional TrustZone for Armv8-M, stack pointers checking

Physical security

Built-in protection from invasive and non-invasive attacks

DSP Extensions

Optional DSP/SIMD instructions

Single cycle 16/32-bit MAC

Single cycle dual 16-bit MAC

8/16-bit SIMD arithmetic

Floating Point Unit

Optional single precision floating point unit

IEEE 754 compliant

Co-processor interface

Optional dedicated co-processor bus interface for up to 8 co-processor units for custom compute

Memory Protection

Optional Memory Protection Unit (MPU) with up to 16 regions per security state


Non-Maskable Interrupt (NMI) and up to 480 physical interrupts with 8 to 256 priority levels

Wake-up Interrupt Controller

Optional for waking up the processor from state retention power gating or when all clocks are stopped

Sleep Modes

Integrated Wait for Event (WFE) and Wait for Interrupt (WFI) instructions with Sleep On Exit functionality


Optional JTAG and Serial Wire Debug ports. Up to 8 Breakpoints and 4 Watchpoints


Optional Instruction Trace (ETM), Micro Trace Buffer (MTB), Data Trace (DWT), and Instrumentation Trace (ITM)


Instruction cache

Want to know more about Arm’s physical security solutions?

Learn more

Explore our TrustZone for Armv8-M Community

Access whitepapers, blogs, webinars, Q&A and more! 

Register for free to ask a question to one of our technical experts, 24/7.

Learn more

Related IP and tools

The Cortex-M35P processor can be incorporated into an SoC using a broad range of Arm technology, including system IP and physical IP, speeding up time to market and optimizing implementation. It is fully supported by development tools from Arm and the world’s #1 embedded ecosystem.

Related IP and tools include:

Related IP


SCA mitigation IP

Arm DS-5 Development Studio

IoT SoC solutions

Arm Compiler

TrustZone CryptoIsland and CryptoCell

Cortex-M Prototyping System

Cortex-M System Design Kit

Fast Models

AMBA System Controllers

TrustZone for Armv8-M 

Arm CoreLink CG092 AHB flash cache


Arm training courses and on-site system-design advisory services enable licensees to efficiently integrate the Cortex-M35P processor into their design to realize maximum system performance with lowest risk and fastest time-to-market.

Arm training courses Arm Design Reviews

  • Manual containing technical information.
  • Cortex-M35P Technical Reference Manual

    For system designers, integrators and testers, the Technical Reference Manual (TRM) provides details of the Cortex-M35P processor.

    Coming early 2019

  • A program that is running on a desktop.
  • White Paper: Armv8-M architecture

    Download this White Paper to get a technical overview of the Armv8-M architecture and an introduction to TrustZone security technology.

    Read here
  • a ulink, a board, a desktop.
  • Embedded development tools for Cortex-M series

    Arm and its ecosystem partners provide a wide range of tools for embedded software development on Arm Cortex-M processors.

    Learn more
  • A program that is running on a desktop.
  • White Paper: Cortex-M for beginners

    This White Paper compares the features of various Cortex-M processors and describes how to select the right processor for the application.

    Read here

  • Product due to be released to  market.
  • Arm Design Reviews

    Arm's on-site design review service gives licensees confidence that their Cortex-M35P CPU is implemented efficiently, to provide maximum system performance, with lowest risk and fastest time-to-market.

    Learn more
  • The top half of a human.
  • Questions? Request more information

    Learn more about Cortex-M35P, the first tamper-resistant Armv8-M processor with TrustZone technology. Contact us to speak with our technical team.

    Find out more