Series 2 TrustZone#

NOTE: This section replaces AN1374: TrustZone. Further updates to this user guide will be provided here.

ARMv8-M TrustZone is a technology that provides a foundation for improved system security in embedded applications. It allows the ARMv8-M to be aware of the security states of the system. Series 2 devices use the Cortex-M33 core to implement the ARMv8-M TrustZone security extension, which provides the ability to restrict access to peripherals and memory regions based on the processor security attribute. TrustZone works with the MPU, which controls privileged/unprivileged execution of code to provide a complete security solution.

ARMv8-M TrustZone is an extensive topic. The references below are publicly available on the ARM Developer Documentation website.

• ARMv8-M Architecture Reference Manual

• ARMv8-M Architecture Technical Overview

• ARM Cortex-M33 Processor Technical Reference Manual

• System Design with ARMv8-M

• TrustZone technology for ARMv8-M Architecture

• ARM Cortex-M33 Devices Generic User Guide

• Secure software guidelines for ARMv8-M

• Software Development in ARMv8-M ArchitectureReading guides:

• Beginner

• Minimal experience with TrustZone, starting with TrustZone Basics

• Intermediate - Have a basic understanding of the TrustZone technology, starting with Bus Level Security

• Advanced - Developed experience on TrustZone, starting with TrustZone Implementation-Demo - Starting with TrustZone Platform Examples

Key Points#

• TrustZone Basics

• Bus Level Security (BLS)

• Secure and Privileged Programming Model

• TrustZone Implementation

• Upgrade Existing Application to TrustZone

• TrustZone Platform Examples