High-End Security Features for Low-End Microcontrollers

ARM® TrustZone® technology for ARM Cortex®-M33 enables systems and their software to be partitioned into multiple security domains. Next generation
microcontroller operating systems can benefit from these hardware security features without affecting real time performance.
This paper presents one of the possible configurations - showing how critical operating system functions can be accelerated with new hardware security features while maintaining the real-time properties of the secure OS. Critical system functions include secure memory allocation, interrupt management, whitelisting of peripheral access, cross-domaincalls and secure boot.
A prototype for such an operating system – the ARM mbed™ OS with uVisor - is currently being developed on GitHub1 to verify these concepts with practical use cases.