
Demystifying Arm TrustZone: A Comprehensive Survey

Published: 28 January 2019

Abstract

The world is undergoing an unprecedented technological transformation, evolving into a state where ubiquitous Internet-enabled “things” will be able to generate and share large amounts of security- and privacy-sensitive data. To cope with the security threats that are thus foreseeable, system designers can find in Arm TrustZone hardware technology a most valuable resource. TrustZone is a System-on-Chip and CPU system-wide security solution, available on today’s Arm application processors and present in the new generation of Arm microcontrollers, which are expected to dominate the market of smart “things.” Although this technology has remained relatively underground since its inception in 2004, over the past years numerous initiatives have significantly advanced the state of the art involving Arm TrustZone. Motivated by this revival of interest, this paper presents an in-depth study of TrustZone technology. We provide a comprehensive survey of relevant work from academia and industry, grouping existing systems into two main areas, namely, Trusted Execution Environments and hardware-assisted virtualization. Furthermore, we analyze the most relevant weaknesses of existing systems and propose new research directions within the realm of the tiniest devices and the Internet of Things, which we believe have the potential to yield high-impact contributions in the future.



Published in

ACM Computing Surveys, Volume 51, Issue 6, November 2019, 786 pages
ISSN: 0360-0300
EISSN: 1557-7341
DOI: 10.1145/3303862
Editor: Sartaj Sahni

Copyright © 2019 ACM

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery, New York, NY, United States

Publication History

• Received: 1 April 2018
• Revised: 1 August 2018
• Accepted: 1 October 2018

Qualifiers

• survey
• Research
• Refereed