Embedded Systems Security and TrustZone
1 Introduction
  1.1 What to expect?
  1.2 Support & Give Back
    1.2.1 € Donate
    1.2.2 ✓ Report Bugs
    1.2.3 ♥ Share
  1.3 Sponsors
  1.4 About me
2 Basics: C language
  2.1 Introduction
  2.2 C language: General terms and concepts
  2.3 C objects and identifiers: Terms and Concepts
  2.4 Compiler, Assembler and Linker: Terms and concepts
    2.4.1 Assembler terms
  2.5 ELF
  2.6 Symbols
    2.6.1 Symbols: Tools
    2.6.2 Symbols: ELF
    2.6.3 Symbols: Assembler
  2.7 Sections
    2.7.1 Sections: Tools
    2.7.2 Sections: ELF
    2.7.3 Sections: Compiler and Assembler
    2.7.4 Sections: Summary
  2.8 Literal Pools
  2.9 Relocation
  2.10 Veneers
  2.11 Linker Script
  2.12 Excursus: Arm-Thumb interworking and .glue_7 and .glue_7t
3 Basics: Arm M-profile architectures and Cortex-M
  3.1 Introduction
  3.2 Architectures and Core Implementations
  3.3 Arm -M profile (Armv6-M, Armv7-M, Armv8-M)
  3.4 Execution Modes and Privilege Levels
    3.4.1 Configuration
  3.5 Memory System
  3.6 Exceptions and Interrupts
    3.6.1 System Exception and Vector Table Configuration
    3.6.2 NVIC
    3.6.3 Masking
  3.7 Registers
    3.7.1 General-purpose registers
    3.7.2 Special-purpose registers
4 Basics: TrustZone-M
  4.1 Introduction
  4.2 Execution Modes and Privilege Levels (with TrustZone)
  4.3 TrustZone in Cortex-M vs -A
  4.4 Two worlds: Secure and non-secure
    4.4.1 Banked Registers
  4.5 IDAU and SAU: Security attribution
  4.6 Transitions
    4.6.1 Secure function call
    4.6.2 Non-secure function call
  4.7 System Design: Security Gates and System Security Controllers
    4.7.1 System Security Controller
    4.7.2 Security wrapper
    4.7.3 Block-based Gate
    4.7.4 Watermark-based Gate
    4.7.5 Select-based Gate
    4.7.6 Lite-IDAU
    4.7.7 System Security in STM32L5
5 Bare-metal firmware build and boot process (CMSIS Core(M))
  5.1 Introduction
  5.2 Memory segments
    5.2.1 ROM segment
    5.2.2 RAM segment
    5.2.3 ROM_NSC segment
  5.3 ROM segment and Boot Process
  5.4 Non-Secure Callable segment
  5.5 Calling non-secure world from secure world
  5.6 Heap and Stack
  5.7 ELF to .bin
6 AAPCS Arm ABI and Runtime view
  6.1 Data Types
  6.2 Subroutine Call
    6.2.1 Passing arguments
    6.2.2 Return function values
  6.3 Exception Entry and Return
  6.4 Excursus: IP register for Interworking
7 TrustZone-M runtime view (CMSIS Core(M))
  7.1 Introduction
  7.2 SAU initialization (CMSIS)
    7.2.1 SAU configuration registers
  7.3 Secure function call
  7.4 Non-secure function call
  7.5 Secure and non-secure exceptions
    7.5.1 Exception Entry with transition (S to NS)
    7.5.2 Exception Target Security State Configuration
8 Embedded Communication Protocols
  8.1 UART
    8.1.1 US(A)RT
    8.1.2 Logic Analyzer: UART
    8.1.3 Logic Analyzer 2: USART
    8.1.4 Firmware Extraction via UART (FTDI)
  8.2 I²C
    8.2.1 Overview
    8.2.2 Packet structure and protocol
    8.2.3 Find I2C address
    8.2.4 Logic Analyzer: I2C communication
    8.2.5 Serial EEPROM simulation
  8.3 Monodon Firmware
    8.3.1 USART1
    8.3.2 USART2
    8.3.3 I2C1
9 Embedded Hacker Tools
  9.1 Logic Analyzer
    9.1.1 Sample Rate
    9.1.2 PulseView
    9.1.3 Hardware
  9.2 Bus Pirate
    9.2.1 Terminal interface
    9.2.2 Firmware Update
  9.3 Tigard (FTDI FT232 / FT22xx)
    9.3.1 Setup notes: Linux, WSL2 and Windows
10 Vendor: STM32
  10.1 STM32 “Bluepill” STM32F103C8T6
    10.1.1 Hardware Overview
    10.1.2 Memory Map
    10.1.3 Boot Modes and Programming
    10.1.4 Debugging
    10.1.5 Read out and write protections
  10.2 STM32L5 and Nucleo-144
    10.2.1 Hardware Overview
    10.2.2 STM32 Product Life Cycle
    10.2.3 Option Bytes
    10.2.4 Memory Map
    10.2.5 Global TrustZone Controller
  10.3 Examples: STM32 Nucleo-144
    10.3.1 Tools and Hardware Configuration
    10.3.2 Secure Random Number Generator (Example 1)
    10.3.3 Appendix
11 Core Concepts and Terms
  11.1 STM32L5: GTZC and subcomponents
  11.2 Bluepill
  11.3 Embedded Hacker Tools
  11.4 Embedded Protocol Analysis
  11.5 Lifecycle Configurations
  11.6 SRAM Protections
  11.7 Flash Protections
  11.8 System Security Components
  11.9 System Security Design
  11.10 Heap
  11.11 Stack
  11.12 TrustZone: Periphery
  11.13 Implementation Defined Attribution Unit
  11.14 Security Attribution Unit
  11.15 TrustZone-M core components
  11.16 Non-secure function calls
  11.17 Secure function calls
  11.18 CMSIS
  11.19 Interworking
  11.20 Arm Registers
  11.21 Arm ABI
  11.22 Interrupts
  11.23 Arm Privilege Levels
  11.24 Arm Memory System
  11.25 Vector Table
  11.26 Arm Exception System
  11.27 Arm Architecture Basics
  11.28 ELF
  11.29 Assembler Instructions
  11.30 Assembler Terms
  11.31 Linker Script
  11.32 Veneers
  11.33 Linking
  11.34 Section
  11.35 Symbol
  11.36 C Basics
  11.37 C object
12 Changelog
CC BY-NC-ND 4.0
2022-04-13