Editor’s Note: This content is contributed by Nathan Menhorn, embedded software engineer at Xilinx
Multiple Layers of Protection
A single form of isolation is no longer enough to protect security-critical assets such as crypto keys and algorithms. In a Trusted Execution Environment (TEE) architecture, multiple layers of protection are in place to maximize the protection of these assets. These layers include both isolated hardware and isolated software. A TEE is applicable to most markets, but it is extremely useful in connected devices such as automobiles, data centers, and IoT, which have a higher probability of being attacked.
Current Security Architectures
Running security-critical applications in a separate OS under a hypervisor or on a separate processor allows for high-performance security-critical applications but is extremely vulnerable to the most common attacks. On the other hand, offloading security-critical applications to an external device such as a TPM or smart card provides a high level of security but is very limited in both the algorithms that can be run and the performance achievable. A Trusted Execution Environment (TEE) solves these two issues by providing a very high level of security while running on a high-performance SoC like the Zynq® UltraScale+™ MPSoC or Zynq UltraScale+ RFSoC.
EAL7 Certified TEE
Prove & Run, a Xilinx partner, has implemented its TEE solution on the Zynq UltraScale+ platform. Parts of the TEE, such as the secure OS called ProvenCore, have been Common Criteria certified to Evaluation Assurance Level (EAL) 7 – the highest certification level possible – and were developed using formal methods. Prove & Run’s TEE takes advantage of the advanced isolation enhancements of the Zynq UltraScale+ platform, which are not found in other SoCs.
To learn more about the architecture of a TEE as well as Prove & Run’s TEE solution running on the Zynq UltraScale+ platform, please take a few minutes to read the following white paper.
Original Date: 12-17-2019