The ARM Cortex-M series is a low-power, high-efficiency processor architecture launched by ARM, mainly used in embedded systems, especially in Internet of Things (IoT) devices, smart homes, sensors, wearables, and more. The design goal of the Cortex-M series processors is to provide low power consumption and a simple architecture to support real-time operations while maintaining a small size. They are typically used for simple control tasks that do not require complex operating systems.ARM Cortex-M development boards include STMicroelectronics’ STM32 series and NXP’s LPC series. Embedded development environments such as Keil MDK and IAR Embedded Workbench support development for the Cortex-M series.
- arm architecture
The ARMv followed by a number indicates the architecture version, each version has different features and instruction sets. The evolution of commonly used processor architecture versions in embedded applications is as follows:
|
Architecture |
ARM/ARM CHINA |
|
Armv5-m |
Arm926EJS |
|
Armv6-m |
Cortex-M0/M0+ |
|
Armv7-m |
Cortex-M3/M4/M7 |
|
Armv8-m |
Cortex-M23/M33/STAR |
Taking the STAR processor as an example, the block diagram supporting security feature extensions (TrustZone technology) is as follows:
The STAR processor SOC structure can adopt the following structure:
In the above figure, the C-AHB bus boots from FLASH/ROM, and the DMA can transport the mirror image or execution code from the memory subsystem to the STAR’s TCM through the AHB-T interface. After the STAR processor executes the boot code, it jumps to the TCM to execute the image file.The STAR memory map is shown in the figure below:
- trustzone processor state
The STAR processor supports TrustZone technology to implement security feature extensions. The TrustZone processor state is shown in the figure below:
Processors that support TrustZone technology have two virtual states: normal world/secure world, and the processor’s internal monitor mode supports switching between these two states.
- NS in transaction transmission
The processor state is also reflected in the external bus NS bit, such as the HNONSEC signal on the AHB5 bus.On the AXI3/4 bus, AxPROT[1]:
When NS=1, the processor can only access non-secure resources.When NS=0, the processor can access all resources (both secure and non-secure resources).
- secure attribute and defend
The security design of the SOC system is to enhance the security attributes (security properties) of SOC components. The basic security properties are the three elements of asset confidentiality, integrity, and authenticity. The security design of the SOC system relies on an analysis targeted at the SOC system.1) What are the sensitive assets?Sensitive assets are resources or objects that need protection;2) Possible attack behaviors against the system;3) Defense measures or mechanisms against attack behaviors.ARM TrustZone technology integrates defense security measures into the processor/bus/IP and other hardware and software components of the SOC system.The figure below shows a SOC system design that implements TrustZone technology:
The software framework of the SOC system that implements TrustZone technology:
- security attribute execution unitTrustZone technology allocates security attributes based on access addresses, and there are two security mechanisms that can add security attributes to transactions:1) The internal SAU (Security Attribution Unit) of the processor2) The system-level IDAU (Implementation Defined Attribution Unit)The transaction transmission using the IDAU mechanism is shown in the following functional diagram:
As shown in the figure above: the master generates a transaction, and before leaving the master and entering the bus, it adds security attributes through the IDAU. The interconnect bus routes the transaction to the final IP component based on the memory map, passing through the gate component. The gate component checks whether the transaction attributes and memory types are compatible to decide whether to pass the transaction.
- aliasing memory The ARMv8-M supporting TrustZone technology divides the memory map into boundaries of 512M BYTE, with the lower half of 256MB classified as NON-SECURE and the upper half of 256MB classified as SECURE. The bit[28] in the address bus serves as an alias bit to distinguish whether the transaction accesses the NON-SECURE region or the SECURE region, as shown in the figure below:
The decoder of the interconnect bus will pass both non-secure and secure addresses through to the same physical region, with the security check of the gate component determining the compatibility of the transaction’s security attributes and memory types.
- SAU&TGU (trustzone guard unit)
The STAR processor uses SAU and TGU for security control of ITCM/DTCM.TGU is the access control unit in TrustZone technology, responsible for conducting security checks on memory and peripheral accesses. If an access request does not comply with the permission rules, TGU will block access and trigger a SecureFault exception. SAU is the configuration unit in TrustZone technology, used to partition memory into multiple regions and configure security attributes. TGU and SAU work together to achieve isolation and protection between the secure world and the non-secure world. SAU defines the security attributes of memory regions, while TGU enforces access control based on these attributes.
- DEBUG & TRACE SECUREThe debug interface is a potential vulnerability for system security, as attackers may obtain sensitive information or inject malicious code through the debug interface. Therefore, managing the SPIDEN, SPNIDEN, and DBGEN signals is crucial. These signals are typically controlled by hardware fuses or OTP (One-Time Programmable) memory to prevent tampering at the software level. By reasonably configuring SPIDEN, SPNIDEN, and DBGEN signals during production, development, and deployment phases, a balance can be found between development debugging and product security, ensuring safety and maintainability throughout the system’s lifecycle.