Trustzone secure os tee for mips
•
0 likes•476 views
Virtualized and SecureOS containers for MIPS. Easy to comply with various standards from China, Global Platform and DRM standards
More Related Content
What's hot
What's hot (19)
Similar to Trustzone secure os tee for mips
Similar to Trustzone secure os tee for mips (20)
More from Sierraware
More from Sierraware (8)
Recently uploaded
Recently uploaded (20)
Trustzone secure os tee for mips
- 1. Secure OS and Hypervisor - TEE for MIPS IoT Security and Virtualization
- 2. Sierraware Leading provider of integrated hypervisor and TEE ▪ Delivered as source code. Flexible and easy to customize ▪ Unified TEE and Hypervisor implementation. ▪ Adheres to Global Platform specifications ▪ Products – Residential gateways – Set-top boxes, – TVs – Mobile phones – Automotive and avionics – Industrial control
- 3. Easy to deploy Isolated TEE Containers Only solution with Virtualized Multi-TEE ▪ Ability to launch secondary TEE on demand ▪ Hybrid TEE architecture. Each TEE SecureOS can be built on different API ▪ Easy to deploy across geographical regions ▪ POSIX APIs for Integrating with DRM like Google Widevine, Microsoft Playready ▪ Fully compliant Global Platform APIs MIPS - Hypervisor/Monitor LinuxKernel User Secure World Secondary TEE - China TaskletTaskletTasklets Secure World Primary TEE - GP TaskletTaskletTasklets Sierra Secure Driver
- 4. SierraTEE: Virtualized Environment MIPS Crypto Engine Secure Memory Secure External bus Secure Peripherals: Flash, Keyboard, Display Normal World OS Kernel Secure Driver Global Platform Client API Secure OS Dispatcher Kernel Unified Hypervisor and TEE Monitor HAL Secure Media Playback Crypto Display File System Device Manager Services Mgr Trustlet Secure Tasks Global Platform Internal API Secure UI and GP Apps
- 5. SierraTEE universal solution. ▪ Simple and Elegant solution to solve Multi-TEE and TEE Containerization requirements. ▪ Available on all platforms. – ARM using Trustzone Monitor – MIPS using Virtualization ▪ Identical source code across all architectures ▪ GP API Trustlets will work across all platforms with no change in code.
- 6. Virtualized TEE Sierravisor Hypervisor VCPU Scheduler Memory Manager Hal Interrupt Distribution Event/Timer Task Manageme nt tasks that can run directly on Drive rs Guest0 Kernel & Drivers Application Guest1 Kernel & Drivers Hyp Tasks Management tasks that can run directly on HV Drivers Backend drivers like Virtio, UART Primary Secure World SierraTEE TaskletTaskletTasklets Application
- 7. TEE Containers. ▪ Satisfy Service provider compliance with multi-tee solution. ▪ Easy to deploy across geographical location. ▪ Primary TEE and Secondary TEE can have different API – Example: GP on Primary TEE and China Pay on Secondary TEE
- 8. DRM Media Playback Secure WorldNormal World DRM Decrypt Audio/Video Decoding 2 5 Media Player Framework Security Plugin (NULL, can be replaced with actual DRM) 2 3 4 Input Source (Streaming/File) 1
- 9. Linux IoT Management Solution Domain Relay Agent Application Provider Secure Communication GP Client API SecureOS/TEE Auth Manager ACL ACL System Loader ADDProtected Domain Manager D/B Domains/Apps
- 10. Professional Services ▪ Porting software to processors ▪ Integrating TEE and SierraVisor with applications ▪ Developing drivers, encoders or apps ▪ Extensive experience with processors and kernel code ▪ Android, Linux, BSD, and VxWorks development ▪ Hardware & FPGA ▪ Phased approach from planning and development to testing & certification ▪ Carefully defined schedules and communication with customers to avoid surprises & delays Custom Services Design Expertise Project Management
- 11. Technical Support ▪ Telephone and Email Support ▪ Online technical documentation ▪ Software updates for commercial products ▪ Previews of upcoming releases ▪ Ability to influence feature enhancements ▪ Commitment to Quality – Service Level Agreement (SLA) details support response times and escalation levels