Trusted Execution Environment (TEE)

Status: Final Published (maintained by GlobalPlatform)

Date: Public Release, November 2018 (most recent system architecture release)

Region: Global

Document: Link

Background

The Trusted Execution Environment (TEE) is a secure area that resides alongside the Rich Execution Environ- ment (REE) of the main processor in connected devices, most notably smartphones. The purpose of the TEE is to provide a trusted and isolated environment in which sensitive data and assets can be stored, and trusted code executed, protecting these sensitive assets and Trusted Applications (TAs) from any software attacks generated within the REE.

Previously, multiple proprietary standards for TEEs were leveraged in the mobile device space. More recently, the non-profit GlobalPlatform industry association has developed specifications and maintained a certifica- tion program for a standardized and interoperable TEE.

Summary

GlobalPlatform, a non-profit industry association with more than 100 members, has published specifications, through a variety of documentation, to ensure that their certified TEEs fulfill the following characteristics:

• The TEE is isolated from the REE, including any assets stored within the TEE and any TAs running within this secure environment.
• Isolation within the TEE itself, i.e., different TAs running within the TEE are isolated from
  each other.
• Once the device is deployed, the TEE and any TAs running within the TEE can only be modified by
  authenticated entities.
• The boot process must be bound the System-on-Chip (SoC) to ensure the authenticity of the TEE firmware and TAs running within the TEE. Likewise, the TA and TEE data must be stored securely and bound to the TEE to ensure system integrity.
• APIs are provided to enable access to trusted peripherals.
• State-of-the-art use of cryptography.

The documentation detailing the TEE specification is as follows:

• TEE System Architecture: A document that outlines the supporting hardware and software architectures for the TEE.
• TEE APIs: The GlobalPlatform publishes two sets of API specifications for the TEE. The first governs access between the REE and the trusted applications running with the TEE. The second details how any TA hosted within the TEE can access the TEE’s services. An API is also provided to enable safe interaction between the TEE and certain approved peripherals, such as the device display to enable the Trusted User Interface (TUI).
• TEE Management Framework: The management framework is first introduced in the TEE Sys- tem Architecture documentation and further expanded on here. It is essential that the TEE and TAs can be remotely managed during the connected devices life cycle. This can include essential maintenance of the security domain or remote key provisioning, or dynamic updates to the TAs. Provision is made for both online and offline agents to manage the TEE, and for the life cycle management of authenticated entities.
• TEE Initial Configuration: The initial configuration document sets out implementation require- ments for the GlobalPlatform TEE, and is intended for TEE vendors and application developers, in order to ensure that the implementation will satisfy interoperability requirements. This is further supported by the security and functional test suites and certification programs.
• TEE Protection Profile: An expansive document that is relevant to the entire TEE vendor ecosystem. The protection profile details a list of the typical security threats to which the TEE must be robust. Alongside these typical threats, there is a set of security objectives that the TEE implementation must fulfill in order to successfully counter the threats detailed in the protection profile. The security objectives are commensurate with EAL2+. Vendors are able to have their TEE implementations independently evaluated by licensed laboratories.

GlobalPlatform’s TEE certification program can give service providers in the ecosystem confidence that the TEEs they source satisfy the requirements of the specification. Certification is broken down into two parts. Security certification ensures that the TEE implementation satisfies the security goal requirements specified in the Protection Profile, while the functional certification ensures that the behavior of the implementation will satisfy interoperability requirements.

Notes

At the time of writing, the majority of TEE deployments are in the mobile device space, forming an essential ingredient in mobile banking and mobile payment applications. Indeed, the first automotive applications are likely to be on the consumer device side, enabling important smart mobility use cases, including remote access and Person-to-Person (P2P) car sharing, with Volkswagen and Hyundai among the first adopters.

With more applications moving from mirrored smartphones into the embedded infotainment system, embedded automotive applications are expected to grow, facilitating secure in-car commerce/payments, and the use of multimedia streaming services in shared or semi-autonomous vehicles.

More generally, the TEE specification harmonizes well with the core automotive design philosophy of isolating mission-critical and non-mission-critical functions, ensuring that no malfunction (in this case a malicious attack) originating in the less critical REE can impact safety-relevant and mission-critical applications from operating properly.