TrustZone bootstrap

A TZ-enabled ARM SoC boots in the Secure World.

  • It allows the Secure World to configure the TZ-related components to enforce a given security policy.

The configuration data can be:

  • Embedded in the SoC ROM.

  • Provided by an external peripheral and validated with information in the SoC ROM.

    • e.g. it must contain a signature validated with an in-SoC public key.
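
The second option, sketched as an added example that is not taken from the original page or from any vendor boot ROM: a loader that accepts an externally supplied configuration blob only if its signature verifies against a public key held in ROM. The blob layout, the `TZCF` magic, all function names, the choice of RSA PKCS#1 v1.5 with SHA-256, and the toy key are assumptions made for illustration.

```python
import hashlib
import struct

# Constructed stand-in for key material fixed in SoC ROM. The modulus is a
# product of two Mersenne primes so the sample is reproducible: a toy key.
P, Q = 2**521 - 1, 2**607 - 1
ROM_PUBKEY_N, ROM_PUBKEY_E = P * Q, 65537
KEY_BYTES = (ROM_PUBKEY_N.bit_length() + 7) // 8
MAGIC = b"TZCF"                    # hypothetical blob magic
HEADER = struct.Struct("<4sHH")    # magic, payload length, signature length
# ASN.1 DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def emsa_pkcs1_v15(message: bytes) -> bytes:
    """Build the full expected encoding: 00 01 FF..FF 00 DigestInfo."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (KEY_BYTES - len(t) - 3) + b"\x00" + t


def load_tz_config(blob: bytes) -> bytes:
    """Return the policy payload only if the blob verifies against the ROM key."""
    if len(blob) < HEADER.size:
        raise ValueError("truncated header")
    magic, payload_len, sig_len = HEADER.unpack_from(blob)
    if magic != MAGIC or sig_len != KEY_BYTES:
        raise ValueError("bad magic or signature length")
    # Lengths come from untrusted storage: require an exact fit, no trailing data.
    if len(blob) != HEADER.size + payload_len + sig_len:
        raise ValueError("length fields do not match blob size")
    signed = blob[:HEADER.size + payload_len]   # the header is signed too
    sig = int.from_bytes(blob[HEADER.size + payload_len:], "big")
    if sig >= ROM_PUBKEY_N:
        raise ValueError("signature out of range")
    recovered = pow(sig, ROM_PUBKEY_E, ROM_PUBKEY_N).to_bytes(KEY_BYTES, "big")
    # Compare against a freshly built encoding instead of parsing the padding.
    if recovered != emsa_pkcs1_v15(signed):
        raise ValueError("signature verification failed")
    return blob[HEADER.size:HEADER.size + payload_len]


def make_sample_blob(payload: bytes) -> bytes:
    """Stand-in for the offline signing tool; the private key never ships on the SoC."""
    d = pow(ROM_PUBKEY_E, -1, (P - 1) * (Q - 1))
    signed = HEADER.pack(MAGIC, len(payload), KEY_BYTES) + payload
    sig = pow(int.from_bytes(emsa_pkcs1_v15(signed), "big"), d, ROM_PUBKEY_N)
    return signed + sig.to_bytes(KEY_BYTES, "big")
```

`make_sample_blob(b"policy")` builds a blob that `load_tz_config` accepts; changing any byte of it raises `ValueError`, so the Secure World never applies an unverified policy.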
