Saturday 21 September 2019

Developing & Delivering KnowHow

Home > Training > Arm Microcontroller Security with TrustZone-M

Secure EmbeddedArm Microcontroller Security with TrustZone-M

Standard Level - 2 days

view dates and locations


With the ever increasing range of applications for Arm® microcontrollers, from simple environmental monitors, through to automotive components and complex consumer appliances, the issue of security when developing these devices has never been so crucial.

This course covers the security aspects of software design in Arm's latest v8-M processors (including the Cortex®-M23 and Cortex-M33) that utilize TrustZone v8-M Security Extensions. The training includes architecting the software, configuring the secure side, accessing secure APIs from the non-secure side and dealing with exceptions.

The workshops are based around carefully designed exercises investigating features of the TrustZone-M architecture, their practical application, and comprise around 40% of class time. If you have specific security application requirements, please contact the Doulos team to discuss your options.

Non-security topics (such as understanding the use of DSP instructions or the floating-point unit, optimization and standard debugging techniques) are covered in other courses. See Arm Cortex-M33 Software Design.

Who should attend?

This course is aimed at electronic hardware, software and system-on-chip engineers who need to gain a working knowledge of this new security architecture. This could include:

  • Software architects deciding how to partition software targeted for an Arm v8-M processor.
  • Embedded programmers implementing designs that utilize this technology.
  • Software engineers designing secure software for an Arm v8-M Mainline or Baseline embedded processor.
  • Code reviewers and Quality Assurance team members taking a critical look at the product.

What will you learn?

  • Security basics -- assets, threats, & defenses
  • How the SAU and IDAU interact
  • How to get into and out of TrustZone security states
  • Understanding how registers are affected and where programmers need to take care
  • Reducing overhead with CSME compliant compilers
  • Reducing security impacts to non-secure software
  • How to build non-secure software
  • How hardware ensures security for I/O and memory
  • Impacts to latency caused by transitions
  • How to map resources (I/O, memory, exceptions/interrupts)
  • Configure the Security Attribution Unit
  • How violations are caught
  • How to debug secure code
  • Prevent non-secure access to debug resources

Pre-requisites

Delegates should have good knowledge of embedded systems, and a basic understanding of embedded programming in C and assembler. Solid knowledge of the Arm v7-M architecture (minimum M3/M4) or Arm v8-M architecture is required (or prior attendance of Developing with Arm Cortex-M or the Software Design courses covering Arm Cortex-M23 or Arm Cortex-M33). Please contact Doulos directly to discuss and assess your specific experience against the pre-requisites.

Training materials

Doulos training materials are renowned for being the most comprehensive and user-friendly available. Their style, content and coverage are unique in the Embedded Systems training world, and have made them sought after resources in their own right. The materials include:

  • Fully indexed class notes creating a complete reference manual
  • Workbook full of practical examples and solutions to help you apply your knowledge

The training materials for this class are based on Arm's own material. Doulos is a global Arm Approved Training Partner.

Content

TrustZone for Armv8-M Introduction to Security

Assets and Threats • Typical attacks • Roots of trust • Security domains • Clocks and power issues • Security of Libraries • Physical Security • Costs of security • SecurCore • Functional Safety • CMSIS Secure API

TrustZone for ARMv8-M Overview

Security States • Calling between security states • Register banking • Memory security • New instructions • How exceptions are mapped • Behavior changes for exceptions

TrustZone System IP for Embedded Systems

System level memory partitioning • Managing legacy device interactions • Memory and I/O gating • SIE-200 • Block and watermark-based memory partitioning • Issues with programmable masters

TrustZone for Armv8-M Toolchain Support

Arm C Language Extensions (ACLE) supporting TrustZone • Calling non-secure code from secure code • Calling secure code from non-secure code • Creating an import library • Using an import library • Secure gateway veneers • Using CMSIS to configure the SAU • TT instruction

Armv8-M Secure Software Design Considerations

Protecting against low-level attacks • Format string attack • Timer bombs • Unauthorized addresses • Tampering with parameters • Stack attack • Code injection • Return oriented programming • Design for Testing • Templates vs Meta-APIs • White Hat Teams • Request audit/service model • API Access Range Restriction

TrustZone for Armv8-M Security Attribution

Processor level memory partitioning • MPU memory basics • PPB access • SAU registers • SAU configuration • Examples of IDAU mappings

TrustZone for Armv8-M Exception Handling

Reset considerations • Secure boot • Exception types • Stack frame layouts • Secure exception behaviors • Secure interrupt configuration • Interrupt priority issues • Fault exceptions for security

Lab Descriptions for ARMv8-M Security Extensions using Keil MDK 5

  • Lab 1: Building and Debugging a Secure Image
    • Create a project for a secure application
    • Debugging the Secure Image
    • Creating an Import Library
  • Lab 2: Building a Non-secure Image
    • Create a project for a Non-secure application
    • Calling the Secure Image
  • Lab 3: Creating a Multi-Project Workspace
    • Importing existing projects
    • Initializing and calling the Non-secure image
    • Running a Batch Build
  • Lab 4: Debugging Secure and Non-secure images
  • Lab 5: Configuring the Security Attribution Unit
  • Lab 6: Secure and Non-secure Exception Handling


For on-site, team-based training, please contact Doulos about tailoring this course to suit your particular hardware and software environment.

Arm and Cortex are registered are registered trade marks of Arm Holdings Plc.


Looking for team-based training, or other locations?

Complete an on-line form and a Doulos representative will get back to you »

Back to top
Privacy Policy Site Map Contact Us