2020

Zaidenberg, Nezer Jacob; Ben Yehuda, Raz; Leon, Roee Shimon

Many scenarios such as DRM, payments, and homeland security require a trusted and verified trusted execution environment (TEE) on ARM. In most cases such TEE should be available in source code mode. The vendor cannot conduct code review and ensure that the operating system is trustworthy unless source code is available. Android and other rich execution environments (REEs) support various TEE implementations. Each TEE implementation has its own unique way of deploying trusted applications and features. Most TEEs in ARM can be started at TrustZone™ or Hyp (Hypervisor) mode. Choosing a proper TEE operating system can be a problem for trusted application developers and hardware vendors. This article discuss the hypervisor vs. TrustZone™ implementation dilemma. Furthermore, the article surveys multiple ARM TrustZone™ TEE solutions and ARM virtualization solutions that are available today with source code. This article allows IoT vendors and SoC manufacturer to select a suitable TEE for their platform needs based on their criteria.