Security is an emerging topic in the field of mobile and em- bedded platforms. The Trusted Computing Group (TCG) has outlined one possible approach to mobile platform security by recently extending their set of Trusted Computing specifications with Mobile Trusted Modules (MTMs).
The MTM specification published by the TCG is a platform independent approach to Trusted Computing explicitly allowing for a wide range of potential implementations. ARM follows a different approach to mobile platform security, by extending platforms with hardware supported ARM TrustZone security mechanisms.
This paper outlines an approach to merge TCG-style Trusted Computing concepts with ARM TrustZone technology in order to build an open Linux-based embedded trusted computing platform. Two-kernel platform design approaches are a natural fit to the TrustZone concept. All design and prototype ideas presented in this paper are being implemented at IAIK on a TrustZone aware prototype ARMv6 processor based on the ARM1176JZF-S core.
However for implementing a platform design following the spirit of the Mobile Reference Architecture envisioned by the TCG, just having two separate operating system worlds seems to be insufficient. In principle the TCG’s Mobile Reference Architecture decomposes the platform into a set of isolated trusted engines owned by different entities. Each of those trusted engines typically has an associated MTM and well defined interfaces for communication with other trusted engines.
Using TrustZone features, the IAIK prototype creates two strongly isolated system partitions. The secureworld partition continues if the kernel’s RIM certificate can be successfully validated. The measurement values obtained by u-boot are handed over to the secure-world Linux kernel and are available after the Linux kernel hands over control to the user- space init process.
For the IAIK prototype implementation, an adapted version of the Linux 2.6.24 kernel has been chosen as basis for the secure world operating system. This secure world Linux kernel contains a number of TrustZone specific extensions, most notably it provides a special user-space interface, allowing regular secure world user-space processes to act as “hypervisor” for the non-secure world partition.
To read more of this external content, download the complete paper from the authors online archives.