
Introducing Arm TrustZone

Arm TrustZone technology provides system-wide hardware isolation for trusted software. The family of TrustZone technologies can be integrated into any Arm Cortex-A core, supporting high-performance applications processors (TrustZone technology for Cortex-A processors).

With the Armv8-M architecture, it also extends to Cortex-M23 and Cortex-M33 based systems, meeting the need for efficient, secure embedded solutions.


The basics of Arm TrustZone

Arm TrustZone creates an isolated secure world which can be used to provide confidentiality and integrity to the system. It is used on billions of application processors to protect high-value code and data for diverse use cases including authentication, payment, content protection and enterprise. On application processors it is frequently used to provide a security boundary for a GlobalPlatform Trusted Execution Environment.

Hardware architecture: enabling a ‘secure’ and a ‘non-secure’ world

The goal of the Arm TrustZone hardware architecture

The primary security objective of the Arm TrustZone hardware architecture is rather simple: to enable the construction of a programmable environment that allows the confidentiality and integrity of almost any asset to be protected from specific attacks. A platform with these characteristics can be used to build a wide-ranging set of security solutions which are not cost-effective with traditional methods.

Instead of providing a fixed one-size-fits-all security solution, Arm TrustZone technology provides the infrastructure foundations that allow the SoC designer to choose from a range of components that can fulfil specific functions within the security environment.

The security of the system is achieved by partitioning all of the SoC's hardware and software resources so that they exist in one of two worlds: the secure world for the security subsystem and the non-secure world for everything else.


How it works: Arm TrustZone-enabled AMBA bus fabric

Hardware logic present in the Arm TrustZone-enabled AMBA bus fabric ensures that no secure world resources can be accessed by the non-secure world components, enabling a strong security perimeter to be built between the two. A design that places sensitive resources in the secure world, and implements robust software running on the secure processor cores, can protect almost any asset against many of the possible attacks. This includes those which are normally difficult to secure, such as passwords entered using a keyboard or touch-screen.


How it works: using processor extensions

Another key advantage of the Arm TrustZone hardware architecture is the extensions that have been implemented in some of the Arm processor cores. These additions enable a single physical processor core to safely and efficiently execute code from both the ‘normal world’ and the ‘secure world’ in a time-sliced fashion. This removes the need for a dedicated security processor core, which saves silicon area and power. It also allows high performance security software to run alongside the ‘normal world’ operating environment. Each physical processor core provides two virtual cores, one considered ‘non-secure’ and the other ‘secure’, plus a mechanism to robustly context switch between them. The security state is encoded on the system bus and this enables trivial integration of the virtual processors into the system security mechanism; the ‘non-secure’ virtual processor can only access ‘non-secure’ system resources, but the ‘secure’ virtual processor can see all resources.


How it works: security-aware debug infrastructure

The final aspect of the Arm TrustZone hardware architecture is a security-aware debug infrastructure, which allows access to secure world debug to be controlled without impairing debug visibility of the ‘normal’ world. For Arm Cortex-A processors that support the security extensions, the transition between the ‘non-secure’ world and the ‘secure’ world is managed by software via a Secure Monitor Call (SMC), which is handled at the highest level of privilege, Exception Level 3 (EL3). For microcontrollers that support Arm TrustZone, the world switch is a hardware transition, which is more appropriate for resource-constrained chips.


TrustZone for Armv8-A vs. TrustZone for Armv8-M

Additional security states
  Armv8-A: SEL0 - Trusted Apps; SEL1 - Trusted OS; EL3 - Trusted Boot and Firmware
  Armv8-M: Secure thread - Trusted code/data; Secure handler - Trusted device drivers, RTOS, library managers...

Secure interrupts
  Armv8-A: Yes
  Armv8-M: Yes (Fast)

State transition (boundary crossing)
  Armv8-A: Software transition
  Armv8-M: Hardware transition (Fast)

Memory management
  Armv8-A: Virtual memory MMU with secure attributes
  Armv8-M: Secure Attribution Unit (SAU) and MPU memory partitions

System interconnect security
  Armv8-A: Yes
  Armv8-M: Yes

Secure code, data and memory
  Armv8-A: Yes
  Armv8-M: Yes

Trusted boot
  Armv8-A: Yes
  Armv8-M: Yes

Software
  Armv8-A: Arm Trusted Firmware (and third-party TEEs)
  Armv8-M: Keil CMSIS, Arm mbed OS, mbed uVisor and third-party software

Arm TrustZone Software

Arm TrustZone Software for Armv8-A

For Armv8-A based application processors, Arm provides an open source reference implementation of an authenticated trusted boot flow and a secure runtime (BL31). Arm Trusted Firmware is available on GitHub under a permissive BSD licence and can be easily integrated with a commercial or open source Trusted OS to create a Trusted Execution Environment. Included in the runtime is a secure world monitor, interrupt routing and an implementation of the Power State Coordination Interface (PSCI), which is used by all major non-secure world operating systems to ease integration between supervisory software from different vendors working at different levels of privilege. There is a port of Arm Trusted Firmware to the Juno development platform and it is widely adopted by silicon partners. For more information, please visit the Arm Trusted Firmware project on GitHub.
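The monitor-plus-PSCI arrangement described above can be illustrated with a small model of the SMC dispatch at EL3: every SMC from the non-secure world arrives at one entry point, the function ID is decoded, and only recognised owning-entity numbers are forwarded to a handler that validates its arguments before acting. The following is an added example written for this page, not Arm Trusted Firmware's own code. The function-ID layout, the PSCI function IDs and the return codes come from the SMC Calling Convention and PSCI specifications; the two-core table, the non-secure DRAM window and the entry-point range check are constructed assumptions for the example.

```c
/* Added example: a software model of an EL3 secure monitor's SMC dispatch.
 * Illustrative only; not Arm Trusted Firmware code. Platform data below is
 * constructed for the example. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* SMC Calling Convention function-ID fields */
#define SMC_FAST_CALL      (1u << 31)          /* bit 31: fast call (0 = yielding) */
#define SMC_64             (1u << 30)          /* bit 30: SMC64 calling convention */
#define SMC_OEN(fid)       (((fid) >> 24) & 0x3Fu) /* bits 29:24: owning entity */
#define SMC_FUNC(fid)      ((fid) & 0xFFFFu)   /* bits 15:0: function number */
#define OEN_STD_SECURE     4u                  /* Standard Secure Service Calls (PSCI) */

/* PSCI function IDs (SMC32 and SMC64 variants) and return codes */
#define PSCI_VERSION_FID   0x84000000u
#define PSCI_CPU_ON_FID    0x84000003u
#define PSCI_CPU_ON_64_FID 0xC4000003u

#define PSCI_SUCCESS             0
#define PSCI_NOT_SUPPORTED      -1
#define PSCI_INVALID_PARAMETERS -2
#define PSCI_ALREADY_ON         -4
#define PSCI_INVALID_ADDRESS    -9
#define SMCCC_UNKNOWN           -1             /* SMCCC: unknown function ID */

/* Constructed platform: two cores (MPIDR 0 and 1) and a hypothetical
 * non-secure DRAM window. Core 0 is the boot core and already running. */
typedef struct { uint64_t mpidr; bool on; } cpu_t;
static cpu_t cpus[] = { { 0x0u, true }, { 0x1u, false } };
#define NCPUS 2
#define NS_DRAM_BASE 0x80000000ull
#define NS_DRAM_END  0xFFFFFFFFull

static bool in_nonsecure_memory(uint64_t addr)
{
    return addr >= NS_DRAM_BASE && addr <= NS_DRAM_END;
}

/* PSCI handler: every argument comes from the non-secure caller, so it is
 * validated before the firmware acts on it. The entry-point check (an
 * assumption for this model, expressed with the constructed DRAM window)
 * refuses to start a core at an address inside secure memory. */
int64_t psci_handler(uint32_t fid, uint64_t x1, uint64_t x2, uint64_t x3)
{
    (void)x3; /* context_id: passed to the newly started core, unused here */
    switch (fid) {
    case PSCI_VERSION_FID:
        return 0x00010000; /* PSCI 1.0: major in bits 31:16, minor in bits 15:0 */
    case PSCI_CPU_ON_FID:
    case PSCI_CPU_ON_64_FID:
        for (int i = 0; i < NCPUS; i++) {
            if (cpus[i].mpidr != x1) continue;             /* x1 = target MPIDR */
            if (cpus[i].on) return PSCI_ALREADY_ON;
            if (!in_nonsecure_memory(x2)) return PSCI_INVALID_ADDRESS; /* x2 = entry point */
            cpus[i].on = true;
            return PSCI_SUCCESS;
        }
        return PSCI_INVALID_PARAMETERS;
    default:
        return PSCI_NOT_SUPPORTED;
    }
}

/* Monitor entry: the single gateway through which the non-secure world
 * requests secure services. Yielding calls and unregistered owning entities
 * (no Trusted OS is registered in this model) are rejected. */
int64_t smc_dispatch(uint32_t fid, uint64_t x1, uint64_t x2, uint64_t x3)
{
    if (!(fid & SMC_FAST_CALL)) return SMCCC_UNKNOWN;
    if (SMC_OEN(fid) == OEN_STD_SECURE) return psci_handler(fid, x1, x2, x3);
    return SMCCC_UNKNOWN;
}

int main(void)
{
    printf("PSCI_VERSION -> 0x%llx\n",
           (unsigned long long)smc_dispatch(PSCI_VERSION_FID, 0, 0, 0));
    printf("CPU_ON core 1 at secure address -> %lld\n",
           (long long)smc_dispatch(PSCI_CPU_ON_FID, 1, 0x04000000ull, 0));
    printf("CPU_ON core 1 at NS address -> %lld\n",
           (long long)smc_dispatch(PSCI_CPU_ON_FID, 1, 0x80001000ull, 0));
    printf("Unknown SiP call -> %lld\n",
           (long long)smc_dispatch(0x82000000u, 0, 0, 0));
    return 0;
}
```

The dispatch order matters: the owning-entity number is checked before any handler sees the arguments, and the PSCI handler rejects an unknown core, an already-running core and an entry point outside non-secure memory in that order, so a non-secure caller cannot use CPU_ON to land a core in secure world code.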

Arm TrustZone Software for Armv8-M

Arm is enabling secure world software development on microcontrollers using Keil development tools and FPGAs.  If you are interested in developing secure world software for Armv8-M please contact your local sales office and enquire about availability of tools, models and boards.

Trusted Execution Environment (TEE)

GlobalPlatform is a standards-defining organisation that provides software APIs, compliance and certification schemes for the Trusted Execution Environment (TEE). The work is done in the Device Committee with the aim of creating trusted chip technology that can be used to provide confidentiality and integrity to trusted code and data. The TEE consists of three parts: hardware-based isolation technology (such as Arm TrustZone), trusted boot and a small trusted OS. The TEE can be used to run multiple isolated trusted apps, which may be provisioned over the air. Compared to other security technologies, the TEE provides higher performance and access to larger amounts of memory.

Typical use cases for an Arm TrustZone based TEE include trusted boot, integrity management, authentication, payment, content protection, crypto and mobile device management. Secure world device drivers can be used to interface to peripherals and, for example, to enable trusted user interfaces.

A GlobalPlatform TEE can be used alongside other security technology such as secure elements, hypervisors and security sub-systems to provide multi-layered defence. The TEE is designed to protect against software attacks (e.g. malware) and common physical attacks (so-called "shack" attacks). GlobalPlatform has created a Protection Profile for the TEE which provides detailed information on the attacks that a TEE should resist.


Arm TrustZone for Armv8-M

The Armv8-M architecture extends Arm TrustZone technology to Arm Cortex-M systems such as microcontrollers, enabling robust levels of protection at all cost points.

Secure resources are protected from non-secure access, enabling the system designer to isolate and compartmentalize their design. This is achieved through a Secure Attribution Unit (SAU) that is similar to an MPU. Since the transitions between the two states are hardware based, they are almost instantaneous and thus maintain the real time performance and reduced software overhead associated with Arm's Cortex-M microcontroller profile.

Writing code for the 'normal world' remains the same as before: the application has access to privileged and non-privileged space plus interrupts. To call on libraries in the secure world, function entry points are linked into the project. This design simplifies software development for Arm Cortex-M processors that incorporate Arm TrustZone technology.

Typically, system suppliers will provide some secure code to set up and run the security attributes across all components within a system. In a typical implementation the design will be partitioned so that the code in the secure state is kept as small as possible, reducing the attack surface and the scope for vulnerabilities. Similar to Arm TrustZone for Cortex-A processors, programs running in the secure state can access both secure and non-secure information, whereas non-secure programs can only access non-secure resources.
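The attribution and access rules described in the three paragraphs above (SAU regions marking memory Non-secure or Secure Non-secure-callable, secure code seeing everything, non-secure code reaching only non-secure memory and entering the secure side only through linked entry points) can be modelled in plain C. The following is an added example written for this page, not Arm's hardware description or CMSIS code. The region layout and addresses are constructed, and the model deliberately ignores the IDAU, the SAU_CTRL.ALLNS setting and the 32-byte region alignment that the real hardware imposes.

```c
/* Added example: a software model of the Armv8-M Secure Attribution Unit
 * (SAU) lookup and of the access rules that follow from it. Illustrative
 * only; region layout below is constructed for this example. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef enum { ATTR_SECURE, ATTR_NONSECURE, ATTR_NSC } sau_attr_t;

/* Simplified SAU region: inclusive [base, limit] plus the NSC flag
 * (Secure, Non-secure callable: where the secure entry points live). */
typedef struct {
    uint32_t base;
    uint32_t limit;
    bool     nsc;
    bool     enabled;
} sau_region_t;

/* Constructed layout (hypothetical addresses for this example). Everything
 * not covered by a region, e.g. secure flash at 0x00000000, is Secure. */
static const sau_region_t sau_regions[] = {
    { 0x00200000u, 0x003FFFFFu, false, true }, /* Non-secure flash        */
    { 0x001FF000u, 0x001FFFFFu, true,  true }, /* NSC veneers (entry points) */
    { 0x20200000u, 0x203FFFFFu, false, true }, /* Non-secure SRAM         */
};
#define SAU_NREGIONS (sizeof sau_regions / sizeof sau_regions[0])

/* Attribution: with the SAU enabled, memory is Secure unless exactly one
 * region marks it Non-secure or NSC. An address matched by more than one
 * region is treated as Secure, the hardware's conservative resolution. */
sau_attr_t sau_lookup(uint32_t addr)
{
    int hits = 0;
    sau_attr_t attr = ATTR_SECURE;
    for (size_t i = 0; i < SAU_NREGIONS; i++) {
        const sau_region_t *r = &sau_regions[i];
        if (r->enabled && addr >= r->base && addr <= r->limit) {
            hits++;
            attr = r->nsc ? ATTR_NSC : ATTR_NONSECURE;
        }
    }
    return hits == 1 ? attr : ATTR_SECURE;
}

/* Data-access rule from the page: the secure state may access everything,
 * the non-secure state may only touch Non-secure memory. NSC memory counts
 * as Secure for data accesses, so non-secure code cannot read the veneers. */
bool data_access_allowed(bool secure_state, uint32_t addr)
{
    if (secure_state) return true;
    return sau_lookup(addr) == ATTR_NONSECURE;
}

/* Call rule: non-secure code may branch into Non-secure memory freely and
 * into Secure memory only at an NSC entry point (where the SG instruction
 * sits; the instruction check itself is not modelled). Any other branch
 * into Secure memory raises a SecureFault. */
bool ns_call_allowed(uint32_t target)
{
    sau_attr_t a = sau_lookup(target);
    return a == ATTR_NONSECURE || a == ATTR_NSC;
}

int main(void)
{
    static const char *names[] = { "Secure", "Non-secure", "NSC" };
    uint32_t probes[] = { 0x00000100u, 0x001FF010u, 0x00200100u, 0x20200000u };
    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++) {
        uint32_t a = probes[i];
        printf("0x%08x: %-10s NS data %s, NS call %s\n", a, names[sau_lookup(a)],
               data_access_allowed(false, a) ? "ok" : "blocked",
               ns_call_allowed(a) ? "ok" : "fault");
    }
    return 0;
}
```

The two rules are asymmetric on purpose: the secure side is checked nowhere in this model because the page's rule gives it visibility of all resources, while every non-secure data access and branch is resolved against the SAU before it is allowed, which is the hardware-enforced boundary that lets the transition be fast without becoming permissive.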
