Overview
Explore the implementation of a framework for secure partitioning and compartmentalization in IoT devices through this 39-minute conference talk by Miklos Balint and Ken Liu from Arm. Delve into the challenges of achieving isolation between secure and non-secure processing environments using TrustZone for Armv8-M, and learn about memory region-based protection for compartmentalization within secure environments. Discover how Trusted Firmware-M (TF-M) provides services to non-secure applications using isolated threads, and examine key issues in compartmentalized systems such as interrupt handling, isolation management, and interaction between sandboxed partitions. Gain insights from experienced software engineers as they discuss programming models, interaction scenarios, and practical examples of secure IoT implementations.
Syllabus
Introduction
Challenges
Level of Security
Interaction scenarios
Simple use case
Nonsecure execution
Programming models
Interaction implementation
Nonsecure processing environment
Example
Solution
Summary
Taught by
Linux Foundation