• Open source software to secure the communication channel of an embedded system?

    Diya Soubra
    Diya Soubra

    Building a secure embedded solution requires protecting it from attacks targeting the communication channel.

    Usually this means encrypting all traffic on that channel.

    This can be done in hardware or software or a combination of both.

    An open source cryptography…

    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • What is the top level difference in features between Cortex-M33 and Cortex-M4?

    Diya Soubra
    Diya Soubra

    This is a very common question.

    The diagram below is a pictorial description of the differences followed by some explanations.

    Cortex-M33 v Cortex-M4 features

    Starting from the bottom:

    • Cortex-M33 is an implementation of the ARMv8-M architecture. Full details are in my blog on the 5…
    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • What is the top level difference in features between Cortex-M23 and Cortex-M0+?

    Diya Soubra
    Diya Soubra

    This is a very common question too.

    The diagram is a pictorial description of the differences followed by some explanations.

     

     

    Starting from the bottom:

     

    -Cortex-M23 is an implementation of the ARMv8-M architecture. Full details here.

    -Using the same debug…

    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • How to add particular interface (I2C or SPI) to the trustzone from software in qualcomm MSM8909 platform.

    sourabhdas
    sourabhdas

    We are using qualcomm MSM8909 platform. We want to add any of the interface (I2C or SPI) to the trustzone, so that non-secure world couldn't access it. It should only be accessed by the QSAPP apps.

    • Answered
    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Security principles for TrustZone for ARMv8-M - example slide 22

    raghu.ncstate
    raghu.ncstate

    I noticed on slide 22 of the security principles presentation the function definition sec_sum_silly(int *p, volatile size_t *s); The presenter explicitly noted that they needed to mark the variable s as volatile. Im not sure I see why.

    The contents of…

    • Answered
    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Security State transitions - Processor Mode

    Pierre
    Pierre

    Edit: CONTROL.nPRIV is actually banked so I modified my question

    Hi,

    I have a question regarding S/NS state transitions and PE modes.

    From what I read in the ARMv8-M ARM there is no restriction in terms of PE mode for state transitions.

    The PE mode is…

    • Answered
    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Trapping IRQ from Secure World Firmware to Normal World Rich OS over Monitor Vector Table

    PaulHilt
    PaulHilt

    I am trapping IRQs that are prompted in Secure World to a Rich OS in Non Secure World over the Monitor IRQ-Handler. The Rich OS should not notice that the Interrupt was catched by the Monitor, therefore the Monitor IRQ-Handler branches, after storing…

    • Answered
    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Memory map for ARMv8-M TrustZone SOC's

    raghu.ncstate
    raghu.ncstate

    Hello,

    I was wondering what the memory map of an SOC that includes a ARMv8-M TrustZone enabled system would like. Is it fixed or is it variable ? Based on the ARMv8-M ARM, it appears that things like the SAU, MPU, NVIC etc are all memory mapped and are…

    • Answered
    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Technical Reference Manual for Cortex-M33 is released to the web

    Diya Soubra
    Diya Soubra

    For those looking for more technical information for the Cortex-M33 the TRM is now posted in info center

     

    http://infocenter.arm.com/help/topic/com.arm.doc.100230_0002_00_en/cortex_m33_trm_100230_0002_00_en.pdf

     

    The Cortex-M23 TRM was posted a while b…

    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Which component set the NS bit in SCR ?

    Sahil
    Sahil

    Hi,

    I am new to the ARM TrustZone Architecture.

    I am confused that who sets the NS bit in the SCR register, is it the processor itself set bit to 1 when it enters the EL3 mode, or it is the Monitor mode code is setting the NS bit ?

    Maybe I am asking…

    • Answered
    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Can we use same peripheral in secure and non secure world simultaneoulsy ?

    Sahil
    Sahil

    Hi,

    Can we use a particular device in secure and non secure mode simultaneously without switching between modes?

    Can it be done by by configuring/partitioning the address space of device ?

    Thanks,

    Sahil Malhotra

    • Answered
    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Non-Secure Software installing SG instructions into Secure Memory

    kappajacko
    kappajacko

    In "System Design with ARMv8M, Section 1.6 Block-based Gate", a Block-based gate is described.

    The document describes 2 hard requirements for a Block-base Gate followed by an explanation for the 2nd requirement.

    The gate has two hard requirements…

    • Answered
    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Is there any ARMv8-M platform that support TrustZone?

    zhaoshijun
    zhaoshijun

    Is there any physical ARMv8-M platform that support TrustZone?

    I want to buy one to do some experiment. 

    Can anyone provide some information?

    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • How NS bit is set in case of DMA transfer ?

    Sahil
    Sahil

    Hi,

    When core makes a transaction, NS signal is sent on AXI bus depending on the SCR.NS bit.

    But when DMA transaction is issued, how the NS bit is propagated on the AXI bus ?

    Thanks

    Sahil

    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • [Cortex-M33 FVP]:SecureFault with SAU disable

    sdiwakar
    sdiwakar

    Hello,

    I am using Cortex-M33 FVP model to run the Keil RTX TrustZoneV8M RTOS example.
    Have also tried to experiment with the memory map configuration and the corresponding SAU region programming for NS/S patitioning and the behaviour is as expected.

    However…

    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Instruction Fetches from Peripheral Memory Space

    kappajacko
    kappajacko

    Is it possible to use the MPU to configure the Peripheral Memory Space as Execute?

    It looks possible via the MPU_RBAR.XN bit.

    If this is the case, is it fair to say that TrustZone aware select gates need to monitor HPROT[0] or PPROT[2] and block the transaction…

    • Answered
    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Purpose of SAU in Multi-Master System

    kappajacko
    kappajacko

    I don't understand the use case of the SAU in a Multi-Master system using the M33.

    If the system uses an IDAU to define the secure memory map, enabling the SAU will override almost all IDAU settings with respect to the M33 because all memory is Secure…

    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • SAU vs. IDAU in a System with Multiple Masters

    kappajacko
    kappajacko

    Why implement the SAU in the PE if you have an IDAU and multiple masters with the same IDAU as the PE?

    If the PE has an SAU, the PE will have a different security view of the system then the other masters.

    Is this not an issue?

    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Which component will program TZASC?

    Sahil
    Sahil

    I have read in one ARM document

    The TrustZone Address Space Controller (TZASC) is an AXI component which partitions its slave address range into a number of memory regions. The TZASC can be programmed by Secure software to configure these regions as Secure…

    • Answered
    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Excepted Practice for NS writes after setting M33 SAU.ALLNS

    kappajacko
    kappajacko

    What’s the excepted programming sequence for setting the SAU.ALLNS to when you can start issuing NS transactions?

    Assuming MY_BLOCK is Secure, this sequence actually writes the REGISTER:

    SAU->CTRL = ALLNS_Mask;

    MY_BLOCK_NS->REGISTER = 0xDEAD…

    • Answered
    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • MPU vs TrustZone-M

    BlueP
    BlueP

    When you are securing a firmware or an application code , it boils down to protecting the portion of memory with MPU. When and why would I use TrustZone-M for securing the firmware when I can actually get it done by an MPU. Any insights are appreciated…

    • Answered
    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • how to get the object file with secure interface

    jinha.hwang
    jinha.hwang

    I'm trying to build some sample sources from Keil MDK with GNU embedded compiler.

    I have built an secure elf file and tried to make the object file with secure interface like this.

    arm-none-eabi-ld ./cm33_s.elf -T linker.ld --out-implib ./cmse_lib…
    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Cortex-M23 FVP hard faults when using DS-5 Debugger

    HugoARA
    HugoARA

    Hi,

    I'm starting to explore this technology by running the TrustZone example application in Linux using GNU ARM Toolchain. This example is provided by a CMSIS software pack containing this example called "TrustZone for ARMv8-M No RTOS" which I was…

    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Where will the various software components reside in a TrustZone for ARMv8-M solution?

    Diya Soubra
    Diya Soubra

    Where the system designer wants them to be, of course!

    There is no restriction on where the various software modules reside. As with all other Cortex-M processors, the system designer is at liberty to build the solution that has the best fit for the target…

    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
  • Platform security architecture is announced by Arm

    Diya Soubra
    Diya Soubra

    • over 3 years ago
    • TrustZone for Armv8-M
    • TrustZone for Armv8-M forum
<>