1. Field of the Invention
The present invention relates to computing systems providing normal security services and high security services with a single operating system.
2. Description of the Related Art
Processors with 32-bit reduced instruction set computer (RISC) instruction set architecture (ISA) are relative simple compared to processor used in desktop personal computer, thus are suitable for consumer electronics such as mobile phones, PDAs, digital camera, digital media and music players, handheld game consoles, and computer peripherals such as hard drives and routers. These processors dominate in the mobile and embedded electronics market as they are relatively low cost and consume lower power. The ARM architecture is the most widely used 32-bit ISA, and ARM processors are the most popular embedded 32-bit RISC processors nowadays.
Applications executed by consumer electronics may require services of different security levels. Normal security services, such as making a phone call and playing java games may operate well in a normal security environment (Normal world). However, when high security services such as online credit card payment are requested, the normal security environment may not satisfy the security requirements. A separate high security environment (Secure world) is required to handle such high security services in order to prevent information leaking.
The TrustZone hardware architecture, developed by ARM, aims to execute code from both the Normal world and the Secure world with a single physical processor core. The single physical processor has the benefits of smaller silicon area, low cost, and low power consumption comparing to two dedicated processors. The application core switches between the Normal world and Secure world in a time-sliced fashion, and this world switch is generally orthogonal to all other capabilities of the process and so each world can operate independently of the other while using the same core.
Examples of software architectures implementing a Secure world stack on a TrustZone-enabled processor core include dedicated Secure world operating system (OS) and synchronous library. A dedicated Secure world OS is a complex yet powerful design. It can simulate concurrent execution of multiple independent Secure world applications, run-time download of new security applications, and Secure world tasks. On the other hand, the simple synchronous library of code placed in the Secure world handles only one task at a time, and the task is uninterruptible. Users may experience termination or disable of normal security applications such as music playback and phone call or message reception.