A Flexible Software Development and Emulation Framework for ARM TrustZone

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7222)

Abstract

ARM TrustZone is a hardware isolation mechanism to improve software security. Despite its widespread availability in mobile and embedded devices, development of software for it has been hampered by a lack of openly available emulation and development frameworks. In this paper we provide a comprehensive open-source software environment for experiments with ARM TrustZone, based on the foundations of the well-known open-source QEMU platform emulator. Our software framework is complemented by a prototype kernel running within a trusted environment. We validate our software environment with an application example featuring a software-based Trusted Platform Module hosted in a TrustZone-protected runtime environment and an Android operating system accessing it through a high-level, industry-standard Trusted Computing API.




Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Winter, J., Wiegele, P., Pirker, M., Tögl, R. (2012). A Flexible Software Development and Emulation Framework for ARM TrustZone. In: Chen, L., Yung, M., Zhu, L. (eds) Trusted Systems. INTRUST 2011. Lecture Notes in Computer Science, vol 7222. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32298-3_1

  • DOI: https://doi.org/10.1007/978-3-642-32298-3_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-32297-6

  • Online ISBN: 978-3-642-32298-3

  • eBook Packages: Computer Science, Computer Science (R0)
