GlobalPlatform TEE* & ARM TrustZone technology: Building security into your platform

Similar documents
UNCLASSIFIED Version 1.0 May 2012

Hardware accelerated Virtualization in the ARM Cortex Processors

Secure Containers. Jan Imagination Technologies HGI Dec, 2014 p1

Android Virtualization from Sierraware. Simply Secure

M-Shield mobile security technology

SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES

Virtualization in the ARMv7 Architecture Lecture for the Embedded Systems Course CSD, University of Crete (May 20, 2014)

Embedded Java & Secure Element for high security in IoT systems

ARM Processors and the Internet of Things. Joseph Yiu Senior Embedded Technology Specialist, ARM

Sierraware Overview. Simply Secure

ARM Webinar series. ARM Based SoC. Abey Thomas

CSE597a - Cell Phone OS Security. Cellphone Hardware. William Enck Prof. Patrick McDaniel

ARM Security Technology

Comprehensive Security for Internet-of-Things Devices With ARM TrustZone

High Performance or Cycle Accuracy?

ZigBee Technology Overview

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

M-Shield Mobile Security Technology: making wireless secure

Università Degli Studi di Parma. Distributed Systems Group. Android Development. Lecture 1 Android SDK & Development Environment. Marco Picone

IOMMU: A Detailed view

Trustworthy Computing

OMAP platform security features

Leveraging Thin Hypervisors for Security on Embedded Systems

Confidentio. Integrated security processing unit. Including key management module, encryption engine and random number generator

Virtualization for Hard Real-Time Applications Partition where you can Virtualize where you have to

CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules

MXMedia CipherStream. Preliminary Assessment. Copyright 2012 Farncombe 1.0. Author: T F

OpenSPARC T1 Processor

Development With ARM DS-5. Mervyn Liu FAE Aug. 2015

ARM TrustZone and KVM Coexistence with RTOS For Automotive

Introduction to AMBA 4 ACE and big.little Processing Technology

A Scalable VISC Processor Platform for Modern Client and Cloud Workloads

CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS

BitLocker Drive Encryption Hardware Enhanced Data Protection. Shon Eizenhoefer, Program Manager Microsoft Corporation

Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor?

CoreSight SoC enabling efficient design of custom debug and trace subsystems for complex SoCs

Hardware Security Modules for Protecting Embedded Systems

<t base Trusted Application Development

Full and Para Virtualization

A Perspective on the Evolution of Mobile Platform Security Architectures

big.little Technology Moves Towards Fully Heterogeneous Global Task Scheduling Improving Energy Efficiency and Performance in Mobile Devices

Cut Network Security Cost in Half Using the Intel EP80579 Integrated Processor for entry-to mid-level VPN

AppliedMicro Trusted Management Module

Security Technology for Smartphones

What is a System on a Chip?

BroadSAFE Enhanced IP Phone Networks

Network connectivity controllers

Secure data processing: Blind Hypervision

Windows Server Virtualization & The Windows Hypervisor

IoT Security Concerns and Renesas Synergy Solutions

EMV-TT. Now available on Android. White Paper by

High-Performance, Highly Secure Networking for Industrial and IoT Applications

COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING

Chapter 1 Computer System Overview

WIND RIVER SECURE ANDROID CAPABILITY

Introducing etoken. What is etoken?

Going Linux on Massive Multicore

Virtual Machine Security

Embedded Development Tools

How Zero IT Can Be. A New Way to Desktop Virtualization. Gernot Fels Product Marketing. 0 Copyright 2011 FUJITSU

OPTIMIZE DMA CONFIGURATION IN ENCRYPTION USE CASE. Guillène Ribière, CEO, System Architect

Virtualization. Jia Rao Assistant Professor in CS

ARM Cortex -A8 SBC with MIPI CSI Camera and Spartan -6 FPGA SBC1654

Android Development. Lecture AD 0 Android SDK & Development Environment. Università degli Studi di Parma. Mobile Application Development

The new 32-bit MSP432 MCU platform from Texas

Berlin Institute of Technology FG Security in Telecommunications

ios Security Decoded Dave Test Classroom and Lab Computing Penn State ITS Feedback -

Digitale Signalverarbeitung mit FPGA (DSF) Soft Core Prozessor NIOS II Stand Mai Jens Onno Krah

Fastboot Techniques for x86 Architectures. Marcus Bortel Field Application Engineer QNX Software Systems

Example of Standard API

Von der Hardware zur Software in FPGAs mit Embedded Prozessoren. Alexander Hahn Senior Field Application Engineer Lattice Semiconductor

Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking

Trustworthy Execution on Mobile Devices: What security properties can my mobile platform give me?

Uses for Virtual Machines. Virtual Machines. There are several uses for virtual machines:

Multi-core Programming System Overview

Hyper-V Networking. Aidan Finn

1. Computer System Structure and Components

Mobile Payment Security discussion paper

Chapter 5 Cloud Resource Virtualization

Hardware Based Virtualization Technologies. Elsie Wahlig Platform Software Architect

Mobile Platform Security Architectures A perspective on their evolution

Using a Generic Plug and Play Performance Monitor for SoC Verification

Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5

Universal Flash Storage: Mobilize Your Data

PikeOS: Multi-Core RTOS for IMA. Dr. Sergey Tverdyshev SYSGO AG , Moscow

EVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications

Mobile Sicherheitein sicheres Ecosystem für die mobile Kommunikation

Nested Virtualization

Virtualization. Pradipta De

The MIPS architecture and virtualization

Security Overview for Windows Vista. Bob McCoy, MCSE, CISSP/ISSAP Technical Account Manager Microsoft Corporation

Deeply Embedded Real-Time Hypervisors for the Automotive Domain Dr. Gary Morgan, ETAS/ESC

Exploring the Design of the Cortex-A15 Processor ARM s next generation mobile applications processor. Travis Lanier Senior Product Manager

evm Virtualization Platform for Windows

Satish Mohan. Head Engineering. AMD Developer Conference, Bangalore

Symbian phone Security

Transcription:

GlobalPlatform TEE* & ARM TrustZone technology: Building security into your platform Rob Coombs Security Marketing Director Simon Moore Security Technical Marketing Director * Trusted Execution Environment 1

Agenda Introduction The Four Compartment Security Model Comparing the Hypervisor and the TrustZone based Trusted Execution Environment TrustZone Media Protection Achieving Secure by default using TrustZone based TEE & TrustZone Ready Summary 2

The Vision System wide security delivering trusted services and applications Any content on any screen Enterprise strength security for business apps Protecting payment transactions from fraud Based on a range of ARM technology that can match the use case Protected Trusted Secure 3

The Threat Environment Malware Social engineering, trojans, phishing, APT Theft and loss of devices Weak security controls no PIN lock User intervention jail breaking, unlocking, etc. 4

Security Profiles SmartCards / HSMs Cost/Effort To Attack GlobalPlatform TEE Invasive HW Attacks Well resourced and funded Unlimited time, money & equipment. Software Attacks Malware & Viruses Social engineering Non-invasive HW Attacks Side channels (DEMA, DPA) Physical access to device JTAG, Bus Probing, IO Pins, etc. Cost/Effort to Secure 5

Security Inside a Modern Mobile Device Secure Element for tamper proof security e.g. card data, wallet Hypervisor Small, certifiable Trusted Execution Environment inside Application processor isolated using TrustZone technology Hypervisor & system MMUs 6

4 Compartment Model Hierarchy of Trust Secure Domain Secure Element Smartcard SIM & TPM Tamper Proof, Physically Isolated, EAL Certified SecurCore SEE Trusted Domain Secure Firmware Device Management Key Management Trusted Applications executing from a Trusted Execution Environment TrustZone TEE Protected Domain Protected Video Path BYOD System Management Virtual Machines and bus masters isolated by a Hypervisor Hypervisor HYP Rich Domain User Apps Rich OS Android or other OS Privileged Supervisor Mode 7

Virtualization on ARM Latest ARM cores provide support for virtualization extensions using HYP mode MMU/HYP and Hypervisor provide isolation Result is a protected area for sensitive code and data System MMUs can be added to non CPU DMA masters for system wide virtualization Consumer Preference Personal Apps Consumer OS Hypervisor Enterprise Apps Enterprise OS TrustZone TrustZone Monitor Trusted Execution Environment Trusted Apps Trusted OS Corporate Identity Management Enterprise IT Provisioned 8

TrustZone based TEE Hardware root of trust Trusted Boot Trusted Execution Environment Small security boundary Assured/Certifiable security Hardware Isolation provided by TrustZone provides system wide, hardware security isolation: processor, fabric, internal/external memory, interrupts, debug 9

GlobalPlatform TEE Primary device environment runs as normal, including other security mechanisms Security critical code and resources protected by TEE applications GlobalPlatform APIs ensure portability across handsets & platforms TEE provides the constant security foundation independent of OS choice Integrity and trust underpinned by SoC hardware Control of secure resources (e.g. UI, SE) 10

Comparison of Hypervisor and TEE Boot Type 1 Hypervisor Boots after TEE and before guest OS s Isolation Each OS in a separate VM = separate view of memory Provided by HYP +hypervisor Integration Secure debug Combined VM & TEE Requires no OS modification for new cores with HYP No Hypervisor is optionally the gatekeeper for secure world TrustZone based TEE TrustZone provides Root of Trust and isolated boot code TEE normally part of Trusted Boot Built into architecture, extends across SoC with NS bit Needs to be integrated by silicon partner and OEM Yes Can provide integrity checking to the hypervisor 11

Spectrum of Security Solutions Virtualisation Trusted Execution Environment + TrustZone Secure Element User space & OS Separation: Enterprise & Mobile Protection from Software attack: Trusted Apps Protection from Hardware attack: Tamper proof Example solutions OK Labs SC300 Content isolation Platform abstraction Environment separation Platform management Typical use cases Payment Identity management Operator services Content Protection Secure Storage Network Identity Wallet 12

Spectrum of Security Solutions Virtualisation Trusted Execution Environment + TrustZone Secure Element User space & OS Separation: Enterprise & Mobile Protection from Software attack: Trusted Apps Protection from Hardware attack: Tamper proof Example solutions OK Labs SC300 Content isolation Platform abstraction Environment separation Platform management Typical use cases Payment Identity management Operator services Content Protection Secure Storage Network Identity Wallet Rich area for business growth & innovation 13

Spectrum of Security Solutions Virtualisation Trusted Execution Environment + TrustZone Secure Element User space & OS Separation: Enterprise & Mobile Protection from Software attack: Trusted Apps Protection from Hardware attack: Tamper proof Example solutions OK Labs SC300 Content isolation Platform abstraction Environment separation Platform management Typical use cases Payment Identity management Operator services Content Protection Secure Storage Network Identity Wallet Rich area for business growth & innovation 14

Content Protection: TEE & NSAID* Display TRUSTED MEDIA PROTECTION PLATFORM v1 Non- Trusted CPUs TZASC 400 DDR DISPLAY VIDEO AUDIO RICH OS APPS TEE Processor Cluster (1 to 8 CPUs) USER RichOS Trusted Boot ROM Engines Firmware Data Structures Frame Buffers Trusted SRAM CRYPTO INTERCONNECT FLASH SoC Firmwares TEE addition for the TZMPv1 Protection Platform HDCP DISPLAY HDMI NSAID= DISPLAY Non-Trusted World Trusted World (ARM TrustZone hardware extension) Protected World (ARM NSAID hardware extension) VIDEO DECODER MALI V500 NSAID= VIDEO AUDIO DECODER NSAID= AUDIO GPU Configuration Trusted Peripherals Efuse TrustZone based TEE protects: DRM Keys Crypto setup TZASC400 uses NSAID to provide isolated memory regions: Decrypted content Decoded content Display processors *Non-Secure Access ID 15

TZC-400 TrustZone Controller Controls access by Masters to different memory regions using NSAID* Provides access control to 8 memory region Can filter NSBIT or NSAID accesses Can filter READ or WRITE accesses Fast Path for ZERO cycles latency Extends Trusted Memory to cheap external DRAM MASTER A NSAID=A MASTER B TZASC400 MASTER C Memory Controller - DMC MASTER D MASTER E MASTER NSAID=B NSAID=C NSAID=D NSAID=E NSBIT=0 Interconnect CCI/CCN/NIC Master A Master B Master C Master D Write Read Write Read Write Read Address Map Region 0 Region 1 Region 2 DDR DDR REGION1 REGIONn REGION7 DDR DDR REGION1 REGIONn REGION7 Non-Trusted World Trusted World Protected World 16

Content Protection: HYP, SMMU & TEE TRUSTED MEDIA PROTECTION PLATFORM v2 Non- Trusted CPUs APPS TEE Processor Cluster (1 to 8 CPUs) USER RichOS VIDEO AUDIO GPU RENDER Thin hypervisor software CRYPTO Display HDCP DISPLAY HDMI VIDEO DECODER MALI V500 AUDIO DECODER GPU TrustZone based TEE protects: DRM Keys Crypto setup Integrity check to hypervisor MMU400 DDR DISPLAY DDR VIDEO AUDIO GPU RENDER RICH OS Trusted Boot ROM Engines Firmware Data Structures Frame Buffers INTERCONNECT Trusted SRAM FLASH FLASH SoC Firmwares SoC Firmwares TEE addition for the TZMPv2 Protection Platform Non-Trusted World Trusted World (ARM TrustZone hardware extension) Protected World (ARM Hypervisor hardware extension) MMU400 MMU400 MMU400 MMU400 Configuration Trusted Peripherals Efuse Hypervisor protects: Software components e.g. software video codec System MMU (MMU-400) provides: Memory protection to masters Handles fragmented buffers 17

ARM System IP for Media Protection ARMv8 TRUSTED MEDIA Crypto PROTECTION ISA PLATFORM v2 Non- Trusted CPUs MMU-400 TZC400 DMC-400 DDR DISPLAY DDR VIDEO AUDIO GPU RENDER ENTERPRISE OS RICH OS APPS TEE USER RichOS Processor Cluster ENTERPRISE OS VIDEO AUDIO Trusted Boot ROM GPU Trusted SRAM RENDER Thin hypervisor software Engines Firmware Data Structures Frame Buffers CRYPTO CCI-400 or NIC-400 Interconnect FLASH FLASH SoC Firmwares SoC Firmwares TEE addition for the TZMPv2 Protection Platform Display HDCP DISPLAY HDMI MMU-400 Non-Trusted World Trusted World (ARM TrustZone hardware extension) Protected World (ARM Hypervisor hardware extension) VIDEO DECODER MALI-V500 AUDIO DECODER GPU MALI T-6xx MMU-400 MMU-400 MMU-400 Configuration Trusted Peripherals Efuse ARM Cortex-A CPUs ARM v8 Crypto Extension ARM CoreLink Interconnects (CCI) ARM CoreLink DMC-400 ARM CoreLink TZC400 ARM CoreLink MMU400 ARM CoreSight Debug ARM Mali-V500 Video Decoder ARM Mali GPU ARM SecurCore 18

CHARACTERISTICS OF SECURE PLATFORMS 19

Characteristics of Secure Platforms How can an ARM based Application Processor provide the characteristics of a secure platform? And how can it meet the standard of security required by government? In the UK the UK Government's National Technical Authority for Information Assurance (IA) provides openly published recommendations on how to secure computing environments and platforms and how to design systems to be secure by default. We ll use this as a publicly available source of best practice. 20

Characteristics of Secure Platforms Processor Security Controls Limit Access and Cannot be Bypassed TrustZone Monitor provides a single point of entry into the Trusted World which cannot be bypassed. It acts as gatekeeper and can control the interaction between the two worlds Mechanisms to enter into the secure state are well defined Within the Trusted World, Privileged and User states exist, and can have separate page tables from the Normal world so Trusted Applications within the Trusted World need not necessarily have access to all secure peripherals allowing a further hierarchy of control 21

Characteristics of Secure Platforms Direct Memory Access (DMA) is Limited and Controlled Access to secure peripherals by bus masters is limited to only on-chip bus masters Bus masters can be restricted to be non-secure only by configuration, preventing their access to secure assets The process of deciding what peripherals and bus masters are capable of being within the Trusted World is an important aspect of the system design and directly influences the robustness of the security design 22

Characteristics of Secure Platforms DMA from External Devices is Additionally Protected The AXI secure control signal is not carried off chip, thereby protecting on-chip Trusted World assets from external attack Central Processor Access From Other Processing Elements is Minimised and Controlled Only secure bus masters can access Trusted World assets 23

Characteristics of Secure Platforms Processes Consuming Platform Resources can be Identified and Controlled Resource allocation can be securely controlled and supervised by a Trusted Application running within the TEE Alternatively, a Trusted Application can be used to monitor and supervise the OS in arbitration of system resources 24

Characteristics of Secure Platforms Debug Functionality Does Not Compromise Security TBSA requires debug be correctly managed in production devices I/O Control Secure I/O can be controlled from with the Trusted World. All secure peripherals can be selectively chosen to be secure or non-secure as required Secure paths for video, audio and user input can be configured by the Trusted World depending on operation 25

Characteristics of Secure Platforms Secure Device Identity The Trusted World can be used to securely store keys, and to protect secure identification assets such as serial numbers for IMEI or MAC addresses This allows strong authentication at the application layer, or when network drivers are placed in the Trusted World, can also allow secure authentication lower down the network stack and preventing spoofing of unauthorised identification numbers Secure Credential Storage The Trusted World can be used to securely store private keys. Cryptographic operations can then occur within the Trusted World by applications in the Normal World, without compromising the security of the keys 26

Characteristics of Secure Platforms Measured/Verified Boot The Trusted Base Boot Requirements specification (TBBR) recommends how to construct a Trusted Boot sequence In addition, a Trusted Application executing within the Trusted Execution Environment can provide a secure means to store measurements to provide virtual TPM functionality. This can be used in booting the Rich OS, to secure it s boot process Secure Update/Recovery Secure Firmware update is specified as part of the Trusted Base Boot Requirements specification (TBBR) 27

Characteristics of Secure Platforms Control Flow Integrity The ARM C Compiler/DS-5, provides stack checking functionality for protecting the integrity of system and application software The MMU provide a XN/eXecute Never bit, to ensure data pages cannot be executed Security Primitives The ARMv8 architecture provides additional instructions for AES and SHA-1 and SHA-256 TBSA specifies RNG 28

TrustZone Ready Program These recommendations are documented, and made available as part of ARM s TrustZone Ready Program. The security recommendations are contained in the documents: Trusted Base System Architecture (TBSA) Trusted Board Boot Requirements (TBBR) 29

TrustZone Ready Program Market Requirements Desired Services Industry Factors Security Docs: Trusted Base System Arch & Trusted Boot TEE Integration Interoperability SoC Platform Definition Industry Certification SoC Platform Assurance SoC Checklist Standard APIs 30

Conclusion TrustZone security extensions together with the GlobalPlatform Trusted Execution Environment can provide a strong and robust secure platform These recommendations can be applied to many common use cases: Secure delivery of Premium Content Online and mobile banking and payment Securing platforms for Enterprise use TrustZone Ready Program and ARM s System IP can simplify the implementation of system wide security 31

32 Questions?

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information