Beyond TrustZone Security Enclaves
Reed Hinkel | Senior Manager Embedded Security Market Develop

© 2017 Arm Limited

Part 2 – Security Enclaves. Tech Seminars 2017

Agenda: New security technology for IoT
• Security Enclaves – CryptoIsland
• System IP for debug
• Dev boards & chips
• GlobalPlatform TEE
• OTA and RoT topics
• Summary

In a connected everything World…

What level of security robustness do you need?


Security is a balance…
[Chart: cost/effort to attack plotted against cost/effort to secure. Protection tiers, each shown beside the class of attack it addresses:]
• Secure Element; Security enclave or subsystem – SW & HW attacks: physical access to the device (JTAG, bus, IO pins); time, money & equipment
• TrustZone based TEE/PSA* – Software attacks & lightweight hardware attacks: buffer overflows, interrupts, malware
• TLS/SSL – Communication attacks: man in the middle, weak RNG, code vulnerabilities
*Trusted Execution Environment / Secure Partitioning Manager

Beyond TrustZone – Security enclaves
A programmable security enclave to extend the fixed-function CryptoCell family. TrustZone CryptoIslands: an additional family of security solutions by Arm.
Aimed at providing on-die security services in a physically isolated manner (host CPU agnostic).
Axiom: less sharing of resources leads to a smaller attack surface and fewer vulnerabilities. Certification at a reasonable cost (i.e. reuse).
[Block diagram. SoC side: CoreSight SoC debug; host CPU with instruction cache; SRAM controller and system SRAM; TrustZone filters; SoC always-on domain; interconnect; flash controller(s); flash (internal / external). CryptoIsland side: isolating I/F; secure CPU; boot ROM; secure RAM; secure always-on; APB bridge and APB peripherals; alarms; roots of trust; cryptography; LCS manager; debug control; power control.]

Example: PSA with CryptoIsland on Armv8-M
CryptoIsland provides services to the Trusted Partitions and/or implements some of these trusted functions.
[Diagram: Armv8-M non-secure processing environment; Armv8-M secure processing environment (SPE); CryptoIsland security enclave alongside the SPE.]

Example: PSA with CryptoIsland on Armv7-M
The Secure Processing Environment (SPE) is in CryptoIsland.
[Diagram: Armv7-M non-secure processing environment; CryptoIsland security enclave hosting the SPE.]

CryptoIsland-300: the first family member
• We are forming a first security enclave out of existing and mature HW components (CPU, CryptoCell, interconnect, filters, mailbox, power control…)
• The SW and tools are where a lot of the effort is being invested!
• The key point is to preserve an identical “touch and feel” from the SW perspective, so the isolation/robustness choice explained earlier won’t impact the higher layers.
• Allowing different implementations to be interchangeable
• Example target applications: LPWAN, Storage, Automotive, General purpose MCUs…

New solution for authenticated debug access – SDC-600
Hackers can abuse debug interfaces to gain access to the chip. Arm is addressing this misuse by enabling debug authentication on our partners’ silicon.
• An alternative to blowing the e-fuse on the debug port.
• SDC-600 (Secure Debug Channel) enables a certificate-based authentication handshake with an external agent.
[Block diagram: Socrates; Debug Subsystem; CoreSight SoC; SDC-600 Secure Debug Channel; CryptoIsland (isolating I/F, secure CPU, boot ROM, certificate, secure RAM, debug control, secure always-on, alarms, cryptography, LCS manager, roots of trust); SoC host CPU.]
The Secure Debug Manager knows how to do the crypto to generate an unlock certificate for CryptoCell – or other unlock technology the target supports.
Following certificate installation the APs are enabled, allowing external debug access.
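The certificate-based unlock described above, modelled as an added example (not Arm's SDC-600, CryptoCell or Secure Debug Manager code): the target issues a fresh challenge, the Secure Debug Manager signs an unlock certificate bound to that challenge and the device ID, and the target enables access ports only after verifying the signature against the root key in its ROM. The certificate layout, the Ed25519 signature, the 16-byte device ID and the AP bitmask are constructed assumptions for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)

// UnlockCert is a toy certificate (constructed format) binding a device ID and an
// access-port (AP) bitmask to the target's fresh challenge, signed by the SDM.
type UnlockCert struct {
	DeviceID  [16]byte
	Challenge [32]byte
	APMask    byte   // bit 0: non-secure AP, bit 1: secure AP
	Sig       []byte // Secure Debug Manager (SDM) signature over tbs()
}
// tbs returns the to-be-signed bytes: device ID || challenge || AP mask.
func (c *UnlockCert) tbs() []byte {
	return append(append(c.DeviceID[:], c.Challenge[:]...), c.APMask)
}
// Target models the chip side: ROM root key, own device ID, live challenge (nil if none), enabled APs.
type Target struct {
	RootPub   ed25519.PublicKey
	DeviceID  [16]byte
	challenge *[32]byte
	EnabledAP byte
}
// Challenge issues a fresh random nonce for the external debug agent to have signed.
func (t *Target) Challenge() [32]byte {
	t.challenge = new([32]byte)
	rand.Read(t.challenge[:])
	return *t.challenge
}
// Install verifies the certificate, then enables the APs and consumes the nonce (no replay).
func (t *Target) Install(c *UnlockCert) error {
	if t.challenge == nil || c.Challenge != *t.challenge || c.DeviceID != t.DeviceID {
		return errors.New("certificate not bound to this device and live challenge")
	}
	if !ed25519.Verify(t.RootPub, c.tbs(), c.Sig) {
		return errors.New("signature does not verify against the ROM root key")
	}
	t.challenge, t.EnabledAP = nil, c.APMask
	return nil
}
// SDMIssue models the SDM signing an unlock certificate for one device and challenge.
func SDMIssue(priv ed25519.PrivateKey, dev [16]byte, chal [32]byte, ap byte) *UnlockCert {
	c := &UnlockCert{DeviceID: dev, Challenge: chal, APMask: ap}
	c.Sig = ed25519.Sign(priv, c.tbs())
	return c
}
```

Because the challenge is consumed on a successful install, a captured certificate cannot be reused later, and a certificate for another device or from a signer other than the ROM root key is rejected before any AP is enabled.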

New dev board for PSA development – Musca-A1!
• Ready for PSA development: a Cortex-M33 based dev board.
• Used for internal software development.
• Test chip built on PSA recommendations.
• PSA development platform – prototype your system. Available now.
Come to the Arm booth to see Musca-A1!
Musca-A1 – PSA development platform
[Block diagram. Digital part: CoreLink SSE-200 subsystem with Cortex-M33 cores (instruction cache, IDAU), secure debug via CoreSight SoC, local SRAM, TrustZone filters, Arm CoreLink SDK-200 IP, multi-layer AHB5 interconnect, always-on domain, power control, APB bridge and APB peripherals (GPIO, I2C master, PWM, UART, I2S, SPI, QSPI, RTC), code SRAM and system SRAM with SRAM controllers, AHB5 code interface, TrustZone CryptoCell, PLL, 32 MHz and 32 kHz oscillators. RF part: Cordio BLE / 802.15.4. Other blocks: Cadence IP, other Arm IP, other.]


Arm TrustZone based TEE architecture – a reminder of the architecture
[Diagram. Normal world code: Apps (e.g. Payment), Rich OS with device drivers, Hypervisor; exception levels EL1/EL2. Trusted software: Trusted_Apps (e.g. DRM), Trusted OS with secure device drivers. Arm Trusted Firmware: SMCCC, PSCI, Payload Dispatcher, Trusted Boot. Hardware: Arm Cortex-A, SoC subsystem, physical IP, graphics, video, CryptoCell, secure store; initial RoT and security subsystem. GlobalPlatform standardization covers the TrustZone-based TEE common foundation, hardware interfaces and key trusted SW/HW.]

GlobalPlatform & TEE
GlobalPlatform is a Standards Defining Organisation: it is the home of the TEE.
• Defines APIs and Trusted services
• Compliance program
• TEE Protection Profile
• Security certification program
• Over the Air TEE management – Trusted Management Framework & Open Trust Protocol (PKI & JSON based)

OTA management of TEE is a market requirement
A new capability – standards based OTA TEE management: OTrP* is being developed as an option in TMF and is compatible with the GlobalPlatform TEE System Architecture.
Main features:
• A specific PKI architecture and trust anchors
• A high level (JSON-based) message protocol
• A REE Agent for communication with TAM/TSMs
• A set of mandatory services from the Boot TEE and Bootstrap Domain
[Diagram of the parties: Secure Code Image Dev; Image Delivery Server; TAM; TEE Device Certificate Authority; TEE Device.]
*Open Trust Protocol is being developed as an option for the Trusted Management Framework

Root of Trust is the foundation for secure services
RoT = Trustworthy hardware & security functions
[Diagram of RoT implementations by domain: PC, Cloud, Mobile & IoT; TPM, HSM, TEE and/or security subsystem / SE.]
A Root of Trust is a hardware device and a runtime environment that provide a set of trusted functions from which an initial chain of trust can be derived. It is the trust anchor for the system.

TrustZone based TEE + extended Root of Trust example
• Normal World: the IoT developer writes Apps on top of his/her chosen OS
• Secure World = Trusted code (Trusted OS/Libs) + Trusted Apps/functions + Trusted hardware
• Security subsystem: reduced attack surface; protection from physical & side channel attacks; developed by security specialists

TrustZone based TEE + security subsystem option – an additional security layer
• Applications
• Arm TrustZone based TEE for trusted functions: execution environment isolation, RoT mgmt, rollback protection, lifecycle management, debug authentication, data protection (off-line, manufacturing, runtime), secure SW updates, SW validation & decryption, cryptography validation, RNG, persistent trusted storage
• Security subsystem, e.g. Arm CryptoCell for RoT services
• The TrustZone family of security IPs provides protection from physical & SW attacks

Summary


Key take-aways…
• Arm has launched CryptoIsland – a new family of security enclaves by Arm
  – Provides a robust Root of Trust with some programmability
  – Creates another layer of hardware security beyond TrustZone
• Arm has launched SDC-600 for certificate based control of debug
• The TrustZone based TEE for Cortex-A is gaining a simple OTA management protocol
  – OTrP provides a PKI based trust architecture and high level JSON protocol
Arm is making robust security easier, quicker and cheaper to implement!

Thank You! Danke! Merci! 谢谢! ありがとう! Gracias! Kiitos!

The Arm trademarks featured in this presentation are registered trademarks or trademarks of Arm Limited (or its subsidiaries) in the US and/or elsewhere. All rights reserved. All other marks featured may be trademarks of their respective owners. www.arm.com/company/policies/trademarks