A Flexible Software Development and Emulation Framework for ARM TrustZone

  • Johannes Winter
  • Paul Wiegele
  • Martin Pirker
  • Ronald Tögl
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7222)


ARM TrustZone is a hardware isolation mechanism to improve software security. Despite its widespread availability in mobile and embedded devices, development of software for it has been hampered by a lack of openly available emulation and development frameworks. In this paper we provide a comprehensive open-source software environment for experiments with ARM TrustZone, based on the foundations of the well known open-source QEMU platform emulator. Our software framework is complemented by a prototype kernel running within a trusted environment. We validate our software environment with an application example featuring a software based Trusted Platform Module hosted in a TrustZone protected runtime environment and an Android operating system accessing it through an high-level, industry-standard Trusted Computing API.


Normal World Exception Handler Trust Computing Processor Mode Direct Anonymous Attestation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Alves, T., Felton, D.: TrustZone: Integrated Hardware and Software Security - Enabling Trusted Computing in Embedded Systems (July 2004),
  2. 2.
    ARM Limited: ARM TrustZone API Specification, Version 3.0 (2009), ARM PRD29-USGC-000089 3.1Google Scholar
  3. 3.
    ARM Limited: ARM Architecture Reference Manual, ARMv7-A and ARMv7-R edition, Errata Markup (2010), ARM DDI 0406B_errata_2010_Q3Google Scholar
  4. 4.
  5. 5.
    ARM Ltd.: PrimeCell Infrastructure AMBA 3 TrustZone Protection Controller (BP147), Introduction online at:
  6. 6.
    ARM Ltd.: TrustZone Address Space Controller (TZC-380), Introduction online at:
  7. 7.
    ARM Ltd.: Versatile Express Product Family (2011), Information online at:
  8. 8.
    Bellard, F.: QEMU, a fast and portable dynamic translator. In: Proceedings of the Annual Conference on USENIX Annual Technical Conference, ATEC 2005, p. 41. USENIX Association, Berkeley (2005), Google Scholar
  9. 9.
    Bente, I., Dreo, G., Hellmann, B., Heuser, S., Vieweg, J., von Helden, J., Westhuis, J.: Towards Permission-Based Attestation for the Android Platform - (Short Paper). In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, A.-R., Sasse, A., Beres, Y. (eds.) Trust 2011. LNCS, vol. 6740, pp. 108–115. Springer, Heidelberg (2011), CrossRefGoogle Scholar
  10. 10.
    Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 132–145. ACM, Washington DC (2004)Google Scholar
  11. 11.
    Ekberg, J.E., Asokan, N., Kostiainen, K., Rantala, A.: Scheduling execution of credentials in constrained secure environments. In: Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing, STC 2008, pp. 61–70. ACM, New York (2008), CrossRefGoogle Scholar
  12. 12.
    Ekberg, J.E., Bugiel, S.: Trust in a small package: minimized MRTM software implementation for mobile secure environments. In: Proceedings of the 2009 ACM Workshop on Scalable Trusted Computing, STC 2009, pp. 9–18. ACM, New York (2009), CrossRefGoogle Scholar
  13. 13.
    Frenzel, T., Lackorzynski, A., Warg, A., Härtig, H.: ARM TrustZone as a Virtualization Technique in Embedded Systems. In: Twelfth Real-Time Linux Workshop (October 2010)Google Scholar
  14. 14.
    Google Inc.: Android OS (2011),
  15. 15.
    Hussin, W.H.W., Coulton, P., Edwards, R.: Mobile Ticketing System Employing TrustZone Technology. In: Proceedings of the International Conference on Mobile Business, pp. 651–654. IEEE Computer Society, Washington, DC (2005), Google Scholar
  16. 16.
    Hussin, W.H.W., Edwards, R., Coulton, P.: E-Pass Using DRM in Symbian v8 OS and TrustZone: Securing Vital Data on Mobile Devices. In: International Conference on Mobile Business, p. 14 (2006)Google Scholar
  17. 17.
    IAIK: Trusted Computing for the Java(tm) Platform (2011),
  18. 18.
    IBM: IBM’s Software Trusted Platform Module,
  19. 19.
    Kostiainen, K., Ekberg, J.E., Asokan, N., Rantala, A.: On-board credentials with open provisioning. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ASIACCS 2009, pp. 104–115. ACM, New York (2009), Google Scholar
  20. 20.
    Lackorzynski, A., Frenzel, T., Roitzsch, M.: D2.6 First Initial Proof of Concept for Trust-Enhanced Virtualisation System (June 23, 2009),
  21. 21.
    Pirker, M., Toegl, R., Hein, D., Danner, P.: A PrivacyCA for Anonymity and Trust. In: Chen, L., Mitchell, C.J., Martin, A. (eds.) Trust 2009. LNCS, vol. 5471, pp. 101–119. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  22. 22.
    Santos, N., Raj, H., Saroiu, S., Wolman, A.: Trusted Language Runtime (TLR): Enabling Trusted Applications on Smartphones (2011)Google Scholar
  23. 23.
    Toegl, R., Winkler, T., Nauman, M., Hong, T.W.: Specification and Standardization of a Java Trusted Computing API. Softw. Pract. Exper. (2011),
  24. 24.
    Trusted Computing Group: TCG TPM Specification Version 1.2 (2011),
  25. 25.
    Wachsmann, C., Chen, L., Dietrich, K., Löhr, H., Sadeghi, A.-R., Winter, J.: Lightweight Anonymous Authentication with TLS and DAA for Embedded Mobile Devices. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 84–98. Springer, Heidelberg (2011), CrossRefGoogle Scholar
  26. 26.
    Wilson, P., Frey, A., Mihm, T., Kershaw, D., Alves, T.: Implementing Embedded Security on Dual-Virtual-CPU Systems. IEEE Design and Test of Computers 24(6), 582–591 (2007)CrossRefGoogle Scholar
  27. 27.
    Winter, J.: Trusted computing building blocks for embedded linux-based ARM trustzone platforms. In: Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing, STC 2008, pp. 21–30. ACM, New York (2008), CrossRefGoogle Scholar
  28. 28.
    Winter, J., Wiegele, P., Lipp, M., Niederl, A., et al.: Experimental version of QEMU with basic support for ARM TrustZone (source code repository) (July 28, 2011), Public GIT repository at:
  29. 29.
    Yussoff, Y.M., Hashim, H.: Trusted Wireless Sensor Node Platform. In: Ao, S.I., Gelman, L., Hukins, D.W., Hunter, A., Korsunsky, A.M. (eds.) Proceedings of the World Congress on Engineering, WCE 2010, London, U.K., June 30-July 2. Lecture Notes in Engineering and Computer Science, vol. I, pp. 774–779. International Association of Engineers, Newswood Limited (2010)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Johannes Winter
    • 1
  • Paul Wiegele
    • 1
  • Martin Pirker
    • 1
  • Ronald Tögl
    • 1
  1. 1.Institute for Applied Information Processing and CommunicationsGraz University of TechnologyGrazAustria

Personalised recommendations