DocumentCode :
2523099
Title :
Design and Implementation of Secure Embedded Systems Based on Trustzone
Author :
Yan-Ling, Xu ; Wei, PAN ; Xin-guo, ZHANG
Author_Institution :
Sch. of Autom., Northwestern Polytech. Univ., Xi'an
fYear :
2008
fDate :
29-31 July 2008
Firstpage :
136
Lastpage :
141
Abstract :
Embedded systems serve as one of the crucial components needed for various applications and services in pervasive computing environments. Security problems related to embedded systems directly influence the credibility of these applications and services. In order to effectively eliminate weaknesses in current embedded systems and strongly enhance the safety practices of these systems, this paper proposes a Trustzone-based secure enhancement framework for embedded systems. This framework consists of a multi-policy access control mechanism and a secure reinforcement method. The multi-policy access control mechanism establishes multiple secure policies by utilizing the Domain and Type Enforcement (DTE) model and an improved Bell-La Padula (BLP) model, and the secure reinforcement method provides powerful safeguards through the employment of the Linux Security Module (LSM) framework. We construct a secure embedded system environment based on the TrustZone technique and a secure Linux system. A prototype system founded on ARM Linux achieves a rational combination of a secure operating system and trustworthy hardware techniques and thus ensures the safety of diversified applications and services.
Keywords :
authorisation; embedded systems; operating systems (computers); ubiquitous computing; ARM Linux; BLP; Bell-La Padula model; DTE; LSM; Linux security module; Trustzone-based secure enhancement framework; domain and type enforcement model; multi policy access control mechanism; pervasive computing; secure embedded systems; secure reinforcement method; Access control; Embedded system; Employment; Linux; Operating systems; Pervasive computing; Power system modeling; Power system security; Prototypes; Safety; Domain and Type Enforcement; Linux Security Module; Mandatory access control; Secure embedded system; TrustZone; Trustworthy hardware;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Embedded Software and Systems, 2008. ICESS '08. International Conference on
Conference_Location :
Sichuan
Print_ISBN :
978-0-7695-3287-5
Type :
conf
DOI :
10.1109/ICESS.2008.59
Filename :
4595549