
peripherals in hardware. TrustZone allows the software to be broken up into secure and non-secure regions which then execute in either a secure or non-secure processor state. The secure state allows full access to the processor's memory and peripherals, while the non-secure state can only access non-secure regions and secure functions that are purposely exposed to the non-secure code (Figure 2).

Developers can choose which flash and RAM locations belong to the secure state and which belong to the non-secure state. When non-secure code calls a secure function, the switch between non-secure and secure states is handled completely in hardware in a deterministic manner that has a worst-case switch time overhead of three clock cycles.
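The attribution rules just described can be written down as a small software model: the secure state sees everything, while non-secure code may touch only non-secure memory or enter secure code through a purposely exposed entry point. The following is an added example, not code from the article or from Arm; the region layout, the entry-point addresses and all names are constructed, and the model leaves out real details such as the SAU/IDAU split and peripheral attribution.

```c
/* Simplified model of Armv8-M TrustZone memory attribution (constructed example). */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

typedef enum { NS_STATE = 0, S_STATE = 1 } cpu_state_t;      /* processor state   */
typedef enum { ATTR_NS, ATTR_S, ATTR_NSC } region_attr_t;    /* region attribute  */
typedef enum { ACC_DATA, ACC_CALL } access_t;                /* kind of access    */

typedef struct {
    uint32_t base, limit;   /* inclusive address range */
    region_attr_t attr;
} region_t;

/* Constructed layout: the developer decided which flash and RAM is secure. */
static const region_t regions[] = {
    {0x00000000u, 0x0001FFFFu, ATTR_S},   /* secure flash (secure code)        */
    {0x00020000u, 0x00020FFFu, ATTR_NSC}, /* non-secure callable gateway area  */
    {0x00021000u, 0x0007FFFFu, ATTR_NS},  /* non-secure flash                  */
    {0x20000000u, 0x20007FFFu, ATTR_S},   /* secure RAM                        */
    {0x20008000u, 0x2001FFFFu, ATTR_NS},  /* non-secure RAM                    */
};

/* Constructed: addresses inside the NSC area that hold a valid secure entry. */
static const uint32_t sg_entry_points[] = {0x00020000u, 0x00020020u};

static const region_t *lookup(uint32_t addr) {
    for (size_t i = 0; i < sizeof regions / sizeof regions[0]; i++)
        if (addr >= regions[i].base && addr <= regions[i].limit)
            return &regions[i];
    return NULL;
}

/* Returns true if an access of the given type to addr is permitted from state. */
bool access_allowed(cpu_state_t state, access_t type, uint32_t addr) {
    const region_t *r = lookup(addr);
    if (r == NULL) return false;            /* unmapped address: fault           */
    if (state == S_STATE) return true;      /* secure state: full access         */
    switch (r->attr) {
    case ATTR_NS:  return true;             /* non-secure code using NS memory   */
    case ATTR_S:   return false;            /* secure memory: blocked (fault)    */
    case ATTR_NSC:                          /* only a call onto an exposed entry */
        if (type != ACC_CALL) return false;
        for (size_t i = 0; i < sizeof sg_entry_points / sizeof sg_entry_points[0]; i++)
            if (sg_entry_points[i] == addr) return true;
        return false;
    }
    return false;
}
```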

There are several registers within the CPU that are shared between the secure and non-secure states, but each state also has its own stack pointer, fault, and control registers. The M33 even has a stack limit register that can be used to detect a stack overflow.

It's important to note that TrustZone is a processor extension, which means that it is up to the processor manufacturer as to whether they will include TrustZone support on the part or not. Since TrustZone is optional, let's examine a few Armv8-M processors that are currently available and how they handle TrustZone.

Selecting an Armv8-M processor with TrustZone support

There are currently several processors available that implement the Armv8-M architecture. What's interesting is that these parts are so new that, as of late summer 2018, the only manufacturer that

Figure 1: From a performance standpoint, the new Cortex-M23/33 processors fit into the family as improved Cortex-M0+ and Cortex-M4 processors. (Image source: Arm)

Figure 2: TrustZone uses hardware isolation to separate the processor and application into non-secure and secure states. Code executing in the non-secure state cannot access or manipulate secure memory or code. Secure memory and code can only be accessed while running in a secure state. (Image source: Arm)

New-Tech Magazine Europe | 41