Copyright © 2005-2009 ARM Limited. All rights reserved.
PRD29-GENC-009492C
ARM Security Technology
Building a Secure System using TrustZone® Technology
Release Information
The following changes have been made to this document.
Proprietary Notice
Words and logos marked with ® or ™ are registered trademarks or trademarks owned by ARM Limited, except
as otherwise stated below in this proprietary notice. Other brands and names mentioned herein may be the
trademarks of their respective owners.
Neither the whole nor any part of the information contained in, or the product described in, this document
may be adapted or reproduced in any material form except with the prior written permission of the copyright
holder.
The product described in this document is subject to continuous developments and improvements. All
particulars of the product and its use contained in this document are given by ARM in good faith. However,
all warranties implied or expressed, including but not limited to implied warranties of merchantability, or
fitness for purpose, are excluded.
This document is intended only to assist the reader in the use of the product. ARM Limited shall not be liable
for any loss or damage arising from the use of any information in this document, or any error or omission in
such information, or any incorrect use of the product.
Confidentiality Status
This document is Non-Confidential. The right to use, copy and disclose this document may be subject to
license restrictions in accordance with the terms of the agreement entered into by ARM and the party that
ARM delivered this document to.
Unrestricted Access is an ARM internal classification.
Change History
Date            Issue   Change
December 2008   A       First release
January 2009    B       Minor language clarifications
                        Fixed monitor latency calculation on page 5-12
April 2009      C       Added information related to multiprocessor systems:
                        Accelerator Coherency Port on page 3-10
                        Multiprocessor systems with the Security Extensions on page 3-13
                        Multiprocessor debug control on page 3-18
                        Secure software and multiprocessor systems on page 5-13
                        Hardware design checklist on page 7-3
                        Software design checklist on page 7-5
Product Status
This document is an informative whitepaper related to ARM security technology, and is not directly related
to any individual product.
Web Address
http://www.arm.com
Contents
Preface
About this document .................................................................................... viii
Using this document ...................................................................................... ix
Further reading .............................................................................................. x
Feedback ....................................................................................................... xi
Chapter 1 Introduction
1.1 What is security? ......................................................................................... 1-2
1.2 The need for security .................................................................................. 1-4
1.3 What are the threats? ................................................................................. 1-6
Chapter 2 System Security
2.1 System security ........................................................................................... 2-2
2.2 TrustZone hardware security ...................................................................... 2-7
Chapter 3 TrustZone Hardware Architecture
3.1 Overview ..................................................................................................... 3-2
3.2 System architecture .................................................................................... 3-4
3.3 Processor architecture ................................................................................ 3-6
3.4 Debug architecture .................................................................................... 3-17