Difference between revisions of "BELK-TN-001: Real-timeness, system integrity and TrustZone® technology on AMP configuration"
(→Introduction) |
(→Introduction) |
||
| Line 27: | Line 27: | ||
This White Paper describes the TrustZone-based solution that DAVE Embedded Systems has implemented to meet all these requirements on [[:Category:Bora|BORA]] and [[:Category:BoraX|BORAX]] platforms. A technical description of the adopted approach is provided. Also, performance and characterization tests are detailed and considerations about future developments and improvements are included. | This White Paper describes the TrustZone-based solution that DAVE Embedded Systems has implemented to meet all these requirements on [[:Category:Bora|BORA]] and [[:Category:BoraX|BORAX]] platforms. A technical description of the adopted approach is provided. Also, performance and characterization tests are detailed and considerations about future developments and improvements are included. | ||
| − | This solution can be considered as a sort of natural evolution on the traditional AMP configuration described in <ref name="AN-BELK-001">DAVE Embedded Systems, ''AN-BELK-001: Asymmetric Multiprocessing (AMP) on Bora – Linux FreeRTOS'' | + | This solution can be considered as a sort of natural evolution on the traditional AMP configuration described in <ref name="AN-BELK-001">DAVE Embedded Systems, [[AN-BELK-001:_Asymmetric_Multiprocessing_(AMP)_on_Bora_–_Linux_FreeRTOS|''AN-BELK-001: Asymmetric Multiprocessing (AMP) on Bora – Linux FreeRTOS'']]</ref>. For this reason, reading of this document is highly recommended. |
==Limitations of traditional AMP configurations== | ==Limitations of traditional AMP configurations== | ||
Revision as of 07:31, 17 September 2015
| HOME | SOMs | SBCs | ToloMEO Embedded Assistant |  GET A QUOTE
|
 ONLINE HELPDESK
|
| Roadmap | IoT Services | ML/AI services | Embedded Design Services |
Info Box
|
Contents
History[edit | edit source]
| Version | Date | BELK version | Notes |
|---|---|---|---|
| 0.9.0 | September 2015 | 3.0.0 | Internal draft |
Introduction[edit | edit source]
Because of widely available Internet connectivity, nowadays security concerns are not longer limited to PCs, servers and workstations but have become common to many embedded systems as well. To deal with this kind of challenges, several hardware and software technologies have been developed. ARM® TrustZone® technology is one of these. As stated in [1], Xilinx Zynq-7000 AP SoC natively supports TrustZone® technology, since it integrates dual-core ARM® Cortex™-A9 MPCore™ processor.
Even if this technology has been conceived primarily to address security issues, embedded systems designers can leverage it to implement innovative configurations, satisfying different in nature requirements that typically arise in industrial applications and deep embedded systems[a]. Two of such requirements are real-timeness and system integrity[b].
This White Paper describes the TrustZone-based solution that DAVE Embedded Systems has implemented to meet all these requirements on BORA and BORAX platforms. A technical description of the adopted approach is provided. Also, performance and characterization tests are detailed and considerations about future developments and improvements are included.
This solution can be considered as a sort of natural evolution on the traditional AMP configuration described in [3]. For this reason, reading of this document is highly recommended.
Limitations of traditional AMP configurations[edit | edit source]
[3] TBD
TrustZone-based approach[edit | edit source]
TBD
Overview[edit | edit source]
TBD
L2 cache management[edit | edit source]
TBD
Isolation vs performances[edit | edit source]
TBD
Conclusions[edit | edit source]
TBD
References[edit | edit source]
- ↑ Yashu Gosain and Prushothaman Palanichamy, Xilinx WP429 - TrustZone Technology Support in Zynq-7000 All Programmable SoCs (v1.0), May 20, 2014
- ↑ Ed Hallett, Giulio Corradi, Steven McNeil, Xilinx WP461 - Xilinx Reduces Risk and Increases Efficiency for IEC61508 and ISO26262 Certified Safety Applications (v1.0), April 9, 2015
- ↑ 3.0 3.1 DAVE Embedded Systems, AN-BELK-001: Asymmetric Multiprocessing (AMP) on Bora – Linux FreeRTOS
- ↑ These kind of requirements are often totally independent of Internet connectivity
- ↑ In this context, for the terms integrity and security the definitions provided by [2] are in use:
- security refers to a system’s immunity to data disclosure or loss as a result of the unlawful electronic penetration of the system’s protections and defenses
- integrity denotes the certainty that a system cannot be improperly altered.
