Virtualizing the Trusted Execution Environment -

Virtualizing the Trusted Execution Environment


Mobile computing devices such as smartphones are an important part of our lives. We are using phones to make payments, to communicate with friends and family, and to carry out an ever increasing parts of our jobs. In short, we are becoming more and more dependent on mobile computing devices and expect such systems to work correctly and securely.

At the same time, phones (and embedded systems in general) are reaching a level of complexity where existence of critical errors in their software is almost inevitable. At the same time, even minor software glitches can have effect on our lives.

For example, recently a software error in the alarm application of a popular mobile OS resulted in a large number of people arriving late to their works, which in some places also resulted in further problems with public transportation. These types of problems will only accelerate when cyber-criminals start actively exploiting software glitches in phones and embedded systems for financial gain.

One method to improve security of computing devices is to create isolated layers of software such that a problem in one layer does not affect other layers. For example, in general purpose operative systems, memory protection is used to separate applications from each other and from the operative system. Hence, an error in one application cannot directly affect any other applications.

Hypervisor technologies extend this idea by introducing another layer of isolation, which separates multiple operative systems from each other and/or from the bare metal hardware. Hence, hypervisors can be used as security enablers.

The goal of this project is to design and implement a hypervisor for the U8500 NovaThor platform that operates inside the secure world of the main CPUs. The hypervisor will virtualize the underlying hardware in such way that the Trusted Execution Environment either directly or with the help of the hypervisor can provide secure isolation between the Trusted Applications, and between Trusted Applications and normal applications.

NovaThor from ST-Ericsson is a family of advanced System-on-Chip (SoC) platforms used primarily in smartphones. The NovaThor utilizes a TrustZone enabled ARMv7 CPU, which adds a secondary isolation layer. This isolation layer separates the Normal world from new Secure world, inside which trusted application can run with full isolation from the rest of the system including whatever general purpose operative system or applications the system is running.

The SICS Thin Hypervisor (STH) is a small and portable hypervisor for embedded systems. The small size of STH makes it suitable for many embedded systems where resources are scarce. The STH is currently being updated to support more powerful systems and the ability to host more complex guests such as the Linux kernel. At the same time, the implementation is being formally verified to ensure correctness.

Another focus of this project is the Trusted Execution Environment (TEE) specification of GlobalPlatform. The TEE specification defines an environment where Trusted Applications (TA) can be executed in a secure manner, and normal (possibly untrusted) applications can utilise the functionality of the TA. The specification also defines a method for secure communication between applications.

After carefully examining the GlobalPlatform architecture, we noted that some parts of the APIs can bebuilt upon a hypervisor. We further noticed that the isolation and RPC mechanisms in GlobalPlatform are of special interest to us and can be implemented on top of an existing hypervisor with relativity small amount of work.

Given that a hypervisor implementation can be quite small and efficient, a hypervisor-based approach to GlobalPlatform may allow high security at a very low cost. To demonstrate this, the SICS Thin Hypervisor was modified to support a simplified Trusted Execution Environment and some simple Trusted Application.

To read this external content in full, download the complete paper from the author archives at the Swedish ICT.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.