Santa Barbara, Ca. – Green Hills Software has added support for ARM's TrustZone technology to its INTEGRITY Secure Virtualization (ISV) software package built on its INTEGRITY RTOS, certified by the NSA to EAL6+ High Robustness.
According to Gordon Jones, vice president of Green Hills Software's Embedded Virtualization Business Unit, the company's Secure Virtualization software package is designed to reduce costs through processor consolidation, improves system security and reliability, and reduce the certification burden in mission critical applications such as banking, industrial control, and medical systems.
He said ISV now supports TrustZone technology-enabled ARM cores ” including the ARM1176JZ(F)-S, Cortex-A8 and Cortex-A9 processors ” on system-on-chip (SoC) implementations from Texas Instruments Incorporated (TI), Freescale, and other semiconductor partners.
Jones said the company's secure virtualization software architecture is designed to simplify deployment of trustworthy applications, such as network authentication and digital rights management, sandboxed from the general purpose operating environment.
It consists of the certified INTEGRITY operating system technology coupled with facilities to execute one or more “guest” operating systems on TrustZone technology-enabled SoCs. It also provides a communications interface for the normal zone to request services of the secure zone. Jones said the architecture enables security and reliability-critical applications to safely execute with guaranteed memory, CPU time resources, and device access control, regardless of what is happening in the normal zone.
The package allows the use of the ARM memory management unit (MMU) to compartmentalize the secure zone into “metazones,” to further reduces time to certification for specialized applications, such as key management and other financial transaction components, which must share the secure zone with other critical components.
In addition to managing critical applications in the secure zone, it can run in the normal zone, using paravirtualization to host Linux and other guest operating systems. Alternatively, the Secure Virtualization software can host unmodified guest operating systems (“full” virtualization) by taking advantage of TrustZone hardware features.
INTEGRITY Secure Virtualization runs on commercial, off-the-shelf platforms such as the Texas Instruments OMAP 35x and Freescale i.MX515. To learn more, go to www.ghs.com.