TEE to Run Trusted OS on RISC-V and Related Technologies
National Institute of Advanced Industrial Science and Technology (AIST)
Kuniyasu Suzaki, Akira Tsukamoto
Contents
• What is TEE?
  – RISC-V TEE
• Trusted OS
  – “OP-TEE”
  – Requirements to implement OP-TEE
Difference from the Micro51 workshop talk: this talk gives the software view (RISC-V Day Tokyo); the Micro51 workshop gives the hardware view.
Slides will be made available at https://www.slideshare.net/suzaki
HIEE: Hardware-assisted Isolated Execution Environments*
• An HIEE is used for important processes that must be independent of the OS.
• Current CPUs already have HIEEs.
  – x86 SMM: System Management Mode
    • Used by BIOS/UEFI.
  – Intel ME: Management Engine
    • Runs MINIX. Used for remote power control.
  (SMM and ME are not programmable by a user.)
  – Intel SGX: Software Guard Extensions
  – ARM TrustZone
  (SGX and TrustZone are programmable by a user; they are used for TEE.)
* F. Zhang and H. Zhang, SoK: A Study of Using Hardware-assisted Isolated Execution Environments for Security [HASP16]
What is TEE?
• TEE: Trusted Execution Environment.
  – A TEE separates the computing world into “normal” and “secure”.
    • The secure world is used to run critical code (e.g., authentication, DRM, etc.).
  – GlobalPlatform defines the TEE specification.
    • https://globalplatform.org/technical-committees/trusted-execution-environment-tee-committee/
[Figure: one CPU with a TEE, split into a Secure World and a Normal World; in the Normal World an App runs on the Normal OS.]
Privileges for TEE
• GlobalPlatform's TEE specification assumes multiple privilege levels in both worlds, so that applications run on an OS in each world.
  – The normal world runs normal applications on a normal OS.
  – The secure world runs trusted applications (TAs) on a trusted OS.
• ARM TrustZone offers the same privilege levels in the normal and secure worlds.
• Intel SGX has only one privilege level (the enclave).
  – The enclave is different from the ring architecture.
[Figure: Secure World: Trusted Application (TA) on Trusted OS, using the GP TEE API. Normal World: App on Normal OS (e.g., Linux), using the POSIX API.]
TEE projects on RISC-V
• Sanctum [MIT project, USENIX Sec’16]
• Keystone [UCB project]
  – https://keystone-enclave.org/
• MultiZone [Hex-Five product]
  – https://hex-five.com/
• TEE WG of the RISC-V Foundation
[Figure: two TEE types. Intel SGX type: one special privilege level (enclave). ARM TrustZone type: multiple privilege levels, which makes a GlobalPlatform-style Trusted OS easy to implement.]
Trusted OS on ARM TrustZone
• GlobalPlatform model
[Figure: Secure world: Trusted Applications (TA) on the Trusted OS; the core runs in Secure Mode; hardware such as eMMC and UART. Normal world: Normal Applications on the Normal OS; hardware such as the NIC. Exception levels: EL0: User, EL1: Privilege, EL2: Hypervisor, EL3: Secure. The worlds switch through the SMC (Secure Monitor Call) instruction. Memory: static allocation and dynamic allocation.]
Boot Sequence on ARM TrustZone
• BL: Boot Loader
• EL: Exception Level
[Figure: Power on → BL1: BootROM → BL2: Trusted Boot Firmware → BL31: Secure Monitor → BL32: Trusted OS (Secure World) and BL33: Normal OS (Normal World). Each world shows the exception levels EL3: Secure, EL2: Hypervisor, EL1: Privilege, EL0: User.]
Trusted OS
• A Trusted OS is not a normal OS
  – The Trusted OS is the TCB (Trusted Computing Base). It must be secure, and therefore small.
  – No POSIX API, no dynamic link libraries
    • A TA becomes a statically linked binary.
• The Trusted OS needs the help of the normal OS
  – Because the Trusted OS has no file system and no device drivers (except for some special devices, e.g., UART)
    • When a TA wants to save data, the data is encrypted and saved on the file system of the normal OS.
Trusted OS
• Open-source Trusted OSes
  – OP-TEE (Linaro) https://github.com/OP-TEE
  – Open-TEE (Aalto University [TrustCom15]) https://open-tee.github.io/
  – Trusty (Google) https://source.android.com/security/trusty/index.html
  – SierraTEE (Sierraware) https://www.sierraware.com/open-source-ARM-TrustZone.html
• Commercial Trusted OSes
  – Apple’s Secure Enclave
  – Qualcomm’s QSEE
  – Samsung’s Knox https://www.samsungknox.com/en
  – Trustonic Kinibi and MobiCore
How to run a TA on OP-TEE
[Figure: Secure World: Secure Monitor (EL3); OP-TEE (signature check, dispatch by UUID); the TA linked with libutee.a. Normal World: Linux with the op-tee driver; TA-Client and TEE-Supplicant linked with libtee.so, reaching OP-TEE through /dev/tee0 and /dev/teepriv0. Exception levels EL0: User, EL1: Privilege, EL2: Hypervisor, EL3: Secure. TA-Client loads and uses the TA; TEE-Supplicant is the helper of the TA.]
Major roles
• TA-Client loads a TA on OP-TEE
  – A TA needs a valid signature to be loaded on OP-TEE
  – A TA has a UUID, which is used to address it from TA-Client and TEE-Supplicant
• TA-Client sends a request to the TA
• The TA replies with an answer to TA-Client
• The TA sends requests to TEE-Supplicant (e.g., to save encrypted data on the file system)
• The TA uses the TEE internal API only (no POSIX system calls)
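The flow on this slide, as an added model that is not OP-TEE's code: a vendor signs the TA image, OP-TEE refuses to load an image whose signature does not verify, requests are dispatched by UUID, and the TA persists data only as encrypted, authenticated blobs handed to TEE-Supplicant, so a blob modified in the normal world is detected on read-back. The keys, the counter TA and its UUID are constructed; HMAC-SHA256 and a SHA-256 keystream stand in for the RSA signature and AEAD cipher a real deployment uses.

```python
"""Model of the slide's flow: signed TA load, signature check, dispatch by UUID,
and sealed storage through TEE-Supplicant. Constructed example, not OP-TEE code."""
import hashlib
import hmac
import os
import uuid

# Constructed keys. Real OP-TEE signs TAs with an RSA key and protects secure
# storage with an AEAD cipher; HMAC-SHA256 and a SHA-256 keystream stand in.
TA_SIGNING_KEY = b"constructed-ta-signing-key"
STORAGE_KEY = b"constructed-secure-storage-key"  # never leaves the secure world
TAG_LEN, NONCE_LEN = 32, 16

def sign_ta(ta_uuid, code):
    """Vendor side: signed TA image = uuid || code || tag(uuid || code)."""
    body = ta_uuid.bytes + code
    return body + hmac.new(TA_SIGNING_KEY, body, hashlib.sha256).digest()

class Supplicant:
    """Normal-world helper (TEE-Supplicant): stores files on the Linux FS.
    It is untrusted, so it must only ever see sealed blobs."""
    def __init__(self): self.fs = {}
    def write(self, name, blob): self.fs[name] = blob
    def read(self, name): return self.fs.get(name)

def _keystream(nonce, length):
    blocks = [hashlib.sha256(STORAGE_KEY + nonce + i.to_bytes(4, "big")).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]

def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))

class TrustedOS:
    """Secure world: signature check at load, dispatch by UUID, sealed storage."""
    def __init__(self, supplicant):
        self.supplicant = supplicant
        self.tas = {}  # uuid -> TA entry point (the dispatch table)

    def load_ta(self, image, entry):
        body, tag = image[:-TAG_LEN], image[-TAG_LEN:]
        expected = hmac.new(TA_SIGNING_KEY, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise PermissionError("TA signature check failed; TA not loaded")
        ta_uuid = uuid.UUID(bytes=body[:16])
        self.tas[ta_uuid] = entry
        return ta_uuid

    def invoke(self, ta_uuid, cmd, param):
        if ta_uuid not in self.tas:
            raise LookupError("no loaded TA with that UUID")
        return self.tas[ta_uuid](self, ta_uuid, cmd, param)

    # TEE internal API for TAs: objects are encrypted and authenticated (bound
    # to the TA UUID and object name) before the supplicant sees them, and the
    # tag is checked again on the way back.
    def write_object(self, ta_uuid, name, data):
        nonce = os.urandom(NONCE_LEN)
        ct = _xor(data, _keystream(nonce, len(data)))
        aad = ta_uuid.bytes + name.encode()
        tag = hmac.new(STORAGE_KEY, aad + nonce + ct, hashlib.sha256).digest()
        self.supplicant.write(f"{ta_uuid}/{name}", nonce + ct + tag)

    def read_object(self, ta_uuid, name):
        blob = self.supplicant.read(f"{ta_uuid}/{name}")
        if blob is None:
            return None
        nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
        aad = ta_uuid.bytes + name.encode()
        expected = hmac.new(STORAGE_KEY, aad + nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("stored object was modified in the normal world")
        return _xor(ct, _keystream(nonce, len(ct)))

COUNTER_UUID = uuid.UUID("00000000-0000-4000-8000-000000000001")  # constructed

def counter_ta(tee, self_uuid, cmd, param):
    """Example TA: a persistent counter that uses only the TEE internal API."""
    stored = tee.read_object(self_uuid, "counter")
    value = int.from_bytes(stored, "big") if stored else 0
    if cmd == "add":
        value += param
        tee.write_object(self_uuid, "counter", value.to_bytes(8, "big"))
    return value
```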
Memory Map of OP-TEE
• ARM HiKey board, 2 GB
• Software size: our experience
  – Secure world
    • Secure Monitor 33 KB
    • OP-TEE 281 KB
    • TA 1,200 KB
  – Normal world (on Linux)
    • TA-Client 17 KB
    • TEE-Supplicant 197 KB
[Figure: memory map of the 2 GB RAM, labels from the top down: 0x7FFFFFFF (2 GB); OP-TEE & TA, 16 MB; 0x7F000000; Shared Memory, 4 MB; 0x7EC0000; Linux Kernel with SMC driver; 4 MB; 0x7E80000; 8 MB Secure Data Path Buffer; 0x7E00000; Reserved. The regions are marked as Secure World or Normal World.]
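Because TA-Client hands OP-TEE buffers by physical address, the secure world has to confirm that each one lies entirely inside the shared-memory region above before touching it. The check below is an added example, not OP-TEE's code; it takes the 16 MB OP-TEE region from the slide and assumes the 4 MB shared-memory region sits directly below it, at 0x7EC00000, with addresses in this 2 GB map modeled in 32-bit arithmetic. It also shows the classic mistake, an end address computed with wrap-around, which accepts a buffer that covers all of OP-TEE.

```python
"""Bounds check for a normal-world buffer against the slide's memory map.
Constructed example, not OP-TEE code."""
MB = 1024 * 1024
ADDR_SPACE = 1 << 32  # assumption: addresses in the 2 GB map fit in 32 bits

# Regions from the slide. The shared-memory base assumes the 4 MB region sits
# directly below the 16 MB OP-TEE region, i.e. it starts at 0x7EC00000.
OPTEE_BASE, OPTEE_SIZE = 0x7F000000, 16 * MB  # OP-TEE & TA: secure world only
SHM_BASE, SHM_SIZE = 0x7EC00000, 4 * MB       # shared memory: both worlds


def _inside(addr, size, base, region_size):
    """True if [addr, addr + size) lies wholly within [base, base + region_size)."""
    return base <= addr and addr + size <= base + region_size


def naive_check(addr, size):
    """The bug to avoid: the end address is computed in 32-bit arithmetic, so a
    huge size wraps around and a buffer covering all of OP-TEE is accepted."""
    end = (addr + size) & (ADDR_SPACE - 1)
    return SHM_BASE <= addr and end <= SHM_BASE + SHM_SIZE


def check_shared_buffer(addr, size):
    """Accept a buffer from TA-Client only if it is non-empty, does not wrap
    around the address space, and lies entirely in shared memory."""
    if size <= 0 or addr < 0 or addr + size > ADDR_SPACE:
        return False
    return _inside(addr, size, SHM_BASE, SHM_SIZE)


def classify(addr):
    """Region of the map that a single address belongs to."""
    if _inside(addr, 1, OPTEE_BASE, OPTEE_SIZE):
        return "secure"
    if _inside(addr, 1, SHM_BASE, SHM_SIZE):
        return "shared"
    return "normal"
```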
OP-TEE on RISC-V using seL4
• Rahul Mahadev’s Google Summer of Code project
• http://mahadevrahul.blogspot.com/
  – The TrustZone features and the secure monitor are implemented as a seL4 library.
  – OP-TEE is paravirtualized: all calls that reference ARM Trusted Firmware and the secure monitor are replaced with new calls.
[Figure: seL4 at the bottom, with a library that emulates TrustZone. On top: a VMM running the Rich OS (Linux) with its App, and a paravirtualized OP-TEE with its TA.]
Conclusions
• This talk gives the software view of TEE
• To implement OP-TEE on RISC-V, we must develop
  – Boot sequence: Trusted Boot Firmware, Secure Monitor
  – Linux kernel driver
  – Libraries (libutee.a for TAs and libtee.so for Linux applications)
  – Linux application to assist TAs (TEE-Supplicant)
See the Micro51 RISC-V workshop for the hardware view
Slides of RISC-V Day Tokyo 2018 and the Micro51 RISC-V workshop will be made available at https://www.slideshare.net/suzaki
