Iowa State Senior Design Group
This is the homepage for a capstone course for the Electrical and Computer Engineering department at Iowa State University. This project involves emulating an ARM processor that includes their proprietary TrustZone technology. We were then to design and build a software Trusted Platform Module within an Android application.
Overview of Project
Our project is to develop a working emulator for an Android device so that it is able to accurately represent the security extension of the device’s CPU, known as ARM TrustZone. Using TrustZone, we will provide a Trusted Platform Module (TPM) service.
As of right now, there are no commercial Android emulators that can correctly model the ARM TrustZone. Therefore, application developers are forced to test their devices on actual hardware to see if their code works. This is both dangerous to the device and time consuming. The logical next step is to try and emulate the inner workings of this hardware so that developers can then start writing applications to use it.
ARM TrustZone works by providing two virtual processors backed by hardware based acess control. This enables the application core to switch between two states, referred to a worlds, in order to prevent information from leaking from the more trusted world (secure world) to the less secure world (non-secure world).
The way we approached this problem was by constructing a software stack consisting of a hardware emulator, a microkernel, a run-time environment, and the Android OS. We made necessary modifications to different layers in the stack to allow TrustZone support.
As of right now, there are no commercial Android emulators that can correctly model the ARM TrustZone. Therefore, application developers are forced to test their devices on actual hardware to see if their code works. This is both dangerous to the device and time consuming. The logical next step is to try and emulate the inner workings of this hardware so that developers can then start writing applications to use it.
ARM TrustZone works by providing two virtual processors backed by hardware based acess control. This enables the application core to switch between two states, referred to a worlds, in order to prevent information from leaking from the more trusted world (secure world) to the less secure world (non-secure world).
The way we approached this problem was by constructing a software stack consisting of a hardware emulator, a microkernel, a run-time environment, and the Android OS. We made necessary modifications to different layers in the stack to allow TrustZone support.
Last Date Modified: 5-4-2012