SPRY303F May   2019  – February 2025 AM3351 , AM3352 , AM3354 , AM3356 , AM3357 , AM3358 , AM3358-EP , AM3359 , AM4372 , AM4376 , AM4377 , AM4378 , AM4379 , AM5706 , AM5708 , AM5746 , AM5748 , AM623 , AM625 , AM625-Q1 , AM625SIP , AM62A1-Q1 , AM62A3 , AM62A3-Q1 , AM62A7 , AM62A7-Q1 , AM62L , AM62P , AM62P-Q1 , AM6411 , AM6412 , AM6421 , AM6422 , AM6441 , AM6442 , AM6526 , AM6528 , AM6546 , AM6548 , AM68 , AM68A , AM69 , AM69A , DRA821U , DRA821U-Q1 , DRA829J , DRA829J-Q1 , DRA829V , DRA829V-Q1 , TDA4VM , TDA4VM-Q1

  2.   Introduction
  3.   Risk management
  4.   What to protect?
  5.   How much security?
  6.   Architectural considerations
  7.   The security pyramid
  8.   Secure boot
  9.   Cryptographic acceleration
  10.   Device-ID and keys
  11.   Debug security
  12.   Trusted execution environment
  13.   External memory protection
  14.   Network security
  15.   Secure storage
  16.   Initial secure programming
  17.   Secure firmware and software updates
  18.   Software Intellectual Property (IP) protection
  19.   Physical security
  20.   Enclosure protection
  21.   Where to start with embedded security?
  22.   Security enablers for TI application processors
  23.   Conclusion
  24.   References

Trusted execution environment

The run-time security layer comprises several distinct capabilities, each of which plays a part in protecting the system after the boot-up process completes and while the system's operating system (OS) is executing. An important aspect of run-time security is monitoring all aspects of the system so that an intrusion, whether attempted or successful, can be detected.

Figure 4. Trusted execution environment (TEE).

Trusted execution environment security gives a system the ability to host secure and non-secure applications concurrently and to maintain that partition throughout the system so that no data leaks across it. Sensitive applications should run where the application and its associated code and data are fully sandboxed from all other applications.

A trusted execution environment essentially provides a secured partition within a multicore system where only certified secure firmware, software and applications can execute, and certified data can be stored.

Walling off the trusted execution environment from the rest of the multicore/multiprocessing system prevents suspect code, applications and data that may pass through the system from contaminating mission-critical software, data and other IP.
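The partition described above only holds if the secure side treats every request that crosses the boundary as untrusted input. The following C model is an added illustration and is not TI's code, nor OP-TEE or any real TEE implementation: it uses a constructed memory map (the NS_BASE, SEC_BASE and size constants, the service ID and the function names are all assumptions for this example) with a single dispatcher as the only entry point into the secure partition. Non-secure callers hand over a buffer descriptor rather than a raw pointer, the dispatcher verifies with overflow-safe arithmetic that the whole buffer lies in non-secure memory before touching it, and no service exists that returns the secret held on the secure side.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed memory map for this model (hypothetical, not a TI device map). */
#define NS_BASE  0x80000000ull   /* start of non-secure RAM        */
#define NS_SIZE  0x00010000ull   /* 64 KiB of non-secure RAM       */
#define SEC_BASE 0x40000000ull   /* start of secure RAM            */
#define SEC_SIZE 0x00010000ull   /* 64 KiB of secure RAM           */

/* Simulated backing store for the non-secure region only. */
static uint8_t ns_ram[NS_SIZE];

/* Secret that lives only in the secure partition (constructed sample value).
 * No service in this dispatcher ever copies it outward. */
static const uint8_t secure_key[16] = {
    0x5a, 0xa5, 0x3c, 0xc3, 0x0f, 0xf0, 0x96, 0x69,
    0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88
};

enum svc_id { SVC_KEYED_CHECKSUM = 1 };          /* the one exported service */

enum svc_status {
    SVC_OK          =  0,
    SVC_BAD_SERVICE = -1,
    SVC_BAD_ADDRESS = -2,
    SVC_BAD_LENGTH  = -3
};

/* What the non-secure world passes in: a descriptor, never a dereferenceable pointer. */
struct svc_request {
    uint32_t id;
    uint64_t buf_addr;   /* address in the caller's (non-secure) view */
    uint64_t buf_len;
};

/* True only if [addr, addr + len) lies entirely inside non-secure RAM.
 * Checking len against the distance to the end of the region avoids the
 * wrap-around that a naive addr + len comparison would suffer. */
static bool range_is_nonsecure(uint64_t addr, uint64_t len)
{
    if (addr < NS_BASE || addr >= NS_BASE + NS_SIZE)
        return false;
    return len <= (NS_BASE + NS_SIZE) - addr;
}

static uint8_t *ns_ptr(uint64_t addr)
{
    return ns_ram + (addr - NS_BASE);
}

/* Toy keyed checksum: depends on the secret but stays inside the secure side. */
uint32_t keyed_checksum(const uint8_t *data, size_t len)
{
    uint32_t acc = 0x811c9dc5u;
    for (size_t i = 0; i < len; i++) {
        acc ^= (uint32_t)(data[i] ^ secure_key[i % sizeof secure_key]);
        acc *= 16777619u;
    }
    return acc;
}

/* The only entry point into the secure partition: validate first, then serve. */
int secure_dispatch(const struct svc_request *req, uint32_t *result)
{
    if (req->id != SVC_KEYED_CHECKSUM)
        return SVC_BAD_SERVICE;
    if (req->buf_len == 0)
        return SVC_BAD_LENGTH;
    if (!range_is_nonsecure(req->buf_addr, req->buf_len))
        return SVC_BAD_ADDRESS;          /* secure RAM or wrapped range: refused */
    *result = keyed_checksum(ns_ptr(req->buf_addr), (size_t)req->buf_len);
    return SVC_OK;
}

/* Non-secure side helpers: stage data in NS RAM and issue one request. */
bool load_nonsecure(uint64_t addr, const uint8_t *data, size_t len)
{
    if (!range_is_nonsecure(addr, len))
        return false;
    memcpy(ns_ptr(addr), data, len);
    return true;
}

int ns_call(uint32_t id, uint64_t addr, uint64_t len, uint32_t *result)
{
    uint32_t scratch = 0;
    struct svc_request req = { id, addr, len };
    return secure_dispatch(&req, result ? result : &scratch);
}

int main(void)
{
    uint32_t r = 0;
    load_nonsecure(NS_BASE + 0x100, (const uint8_t *)"hello", 5);
    printf("NS buffer      -> %d (checksum %08x)\n",
           ns_call(SVC_KEYED_CHECKSUM, NS_BASE + 0x100, 5, &r), r);
    printf("secure buffer  -> %d\n", ns_call(SVC_KEYED_CHECKSUM, SEC_BASE, 16, NULL));
    printf("wrapping range -> %d\n", ns_call(SVC_KEYED_CHECKSUM, NS_BASE, UINT64_MAX, NULL));
    return 0;
}
```

The three refusals in `main` are the checks a practitioner wants to see on any secure-world entry point: a buffer that points into secure RAM, a buffer whose length overflows past the end of non-secure RAM, and a length so large that a plain addition would wrap. All three are rejected before any secure memory is read, which is what keeps suspect data passing through the system from reaching the protected partition.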