A computing device is an electronic apparatus, whether a portion of a single integrated circuit or an entire system, whose functions and operations are defined by both hardware and software. Hardware represents the physical components that carry out the functions of the device, and software represents the collection of all programming instructions, procedures, rules, routines, modules, programs, data, and the like that define how to carry out the device's functions and operations.
Manufacturers of computing devices intended for specific system applications are often concerned about the security of at least some of the computing device's data and functions. Thus, some system applications may employ security-sensitive cryptographic circuits so that security policies may be implemented with respect to data handled by the device. Some system applications may employ other security-sensitive circuits, such as RF transmitters whose use is tightly controlled for regulatory and network efficiency purposes, and security policies may be implemented so that the security-sensitive circuits are not misused.
Two classes of software are often identified for the purposes of implementing a security policy. One class is non-trusted software. Non-trusted software may or may not be malicious, but no assurance is provided that the non-trusted software will cause no harm. In many situations, non-trusted software may nevertheless be beneficial to a user of the computing device. Thus, a computing device often permits the execution of non-trusted software. But in accordance with a security policy, non-trusted software executes in a non-privileged mode of operation, or restricted execution environment (REE), in which access is denied to security-sensitive resources so that the non-trusted software cannot cause harm.
Trusted software is software whose bona fides are assured. If trusted software controls security-sensitive resources, it does so in a way that causes no harm. When security-sensitive resources are controlled by trusted software, the computing device may operate in a privileged mode, or trusted execution environment (TEE), that allows the trusted software to access the resources needed to carry out its function. A TEE is the environment in which trusted software has control of the CPU and the device, and in which access to security-sensitive resources is allowed.
System designers of computing devices face many challenges in configuring a computing device to provide both an REE and a TEE. While in the REE, the non-trusted software's access to security-sensitive resources should be constrained. Then, before switching to the TEE, an entry mechanism should authenticate the trusted software to establish that the software about to be executed is authentic trusted software and not malicious, mischievous, or possibly error-infested software. And, the entry mechanism itself, which provides an interface between the REE and TEE, should be protected against threats.
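The three requirements just listed (constraining REE access to security-sensitive resources, authenticating trusted software before switching to the TEE, and protecting the entry mechanism itself) can be made concrete with a small model. The following C program is an added illustration written for this page, not code from the patent or any particular CPU vendor. It assumes a constructed resource table, a non-cryptographic FNV-1a digest standing in for the cryptographic hash a real entry mechanism would use, and the convention that every bus master (main CPU, other CPUs, DMA engines) carries an identity so that the same policy applies to all of them; the function names are likewise assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Added example (not from the patent text): a minimal REE/TEE gate model.
 * Resource names, master identities and the digest are assumptions. */

enum mode { MODE_REE = 0, MODE_TEE = 1 };

/* Every active entity on the bus carries an identity so that DMA engines
 * and other CPUs are subject to the same policy as the main CPU. */
enum master { MASTER_CPU0 = 0, MASTER_CPU1 = 1, MASTER_DMA = 2 };

struct resource {
    const char *name;
    int security_sensitive;   /* 1 = reachable only from the TEE */
};

/* Constructed resource table for the example. */
static const struct resource resources[] = {
    { "uart",           0 },
    { "crypto_engine",  1 },
    { "rf_transmitter", 1 },
};
#define NUM_RESOURCES (sizeof resources / sizeof resources[0])

static enum mode   current_mode = MODE_REE;
static enum master tee_holder   = MASTER_CPU0;  /* meaningful only in TEE */

/* Stand-in for a cryptographic digest (real firmware would use SHA-256 or
 * similar); FNV-1a keeps the example self-contained. */
uint64_t image_digest(const uint8_t *p, size_t n) {
    uint64_t h = 1469598103934665603ULL;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 1099511628211ULL; }
    return h;
}

/* Constant-time comparison so the gate does not leak how many bytes matched. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t d = 0;
    for (size_t i = 0; i < n; i++) d |= a[i] ^ b[i];
    return d == 0;
}

/* Constructed trusted image and the reference digest that would be
 * provisioned at manufacture. */
const uint8_t TRUSTED_IMAGE[] = "trusted-image-v1";
const size_t  TRUSTED_IMAGE_LEN = sizeof TRUSTED_IMAGE;
uint64_t provisioned_reference(void) {
    return image_digest(TRUSTED_IMAGE, TRUSTED_IMAGE_LEN);
}

/* Entry mechanism: authenticate the image against the provisioned digest
 * and only then switch to the TEE. Returns 1 on entry, 0 if the image is
 * rejected (mode stays REE, nothing else changes). */
int tee_enter(enum master who, const uint8_t *image, size_t len, uint64_t expected) {
    uint64_t got = image_digest(image, len);
    if (!ct_equal((const uint8_t *)&got, (const uint8_t *)&expected, sizeof got))
        return 0;
    current_mode = MODE_TEE;
    tee_holder   = who;
    return 1;
}

void tee_exit(void) { current_mode = MODE_REE; }
enum mode get_mode(void) { return current_mode; }

/* Access check applied to every bus master, not only the CPU.
 * Returns 1 if the request is allowed, 0 if denied. */
int access_allowed(enum master who, const char *resource_name) {
    for (size_t i = 0; i < NUM_RESOURCES; i++) {
        if (strcmp(resources[i].name, resource_name) != 0) continue;
        if (!resources[i].security_sensitive) return 1;
        /* Sensitive: only the master that passed the entry gate, and only
         * while the TEE is active. DMA and other CPUs stay denied. */
        return current_mode == MODE_TEE && who == tee_holder;
    }
    return 0; /* unknown resource: deny by default */
}

int main(void) {
    uint64_t ref = provisioned_reference();
    printf("REE, DMA -> crypto_engine: %d\n", access_allowed(MASTER_DMA, "crypto_engine"));
    printf("enter TEE: %d\n", tee_enter(MASTER_CPU0, TRUSTED_IMAGE, TRUSTED_IMAGE_LEN, ref));
    printf("TEE, CPU0 -> crypto_engine: %d\n", access_allowed(MASTER_CPU0, "crypto_engine"));
    printf("TEE, DMA  -> crypto_engine: %d\n", access_allowed(MASTER_DMA, "crypto_engine"));
    tee_exit();
    printf("after exit, CPU0 -> crypto_engine: %d\n", access_allowed(MASTER_CPU0, "crypto_engine"));
    return 0;
}
```

The point of the model is the ordering: the mode flag flips only after the digest check succeeds, the check applies to every master rather than just the CPU that executed the instruction, and a rejected image leaves the device exactly as it was, so a failed entry attempt cannot itself become a path into the TEE.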
Conventional techniques for implementing both an REE and TEE are inadequate. A variety of different manufacturers provide different versions of CPU cores and operating systems. CPU cores represent central processing units (CPUs) and related circuits dedicated to controlling the flow of instructions and data into and out of the CPU, and operating systems represent the software that interfaces most directly with hardware and that controls the execution of application software. These manufacturers provide some products with some features directed toward distinguishing between privileged and non-privileged modes of operation. But from a system perspective, a solution that is unique to a specific CPU core or a specific operating system is highly undesirable because it enslaves other system components and the entire system design to a specific CPU core and/or operating system.
Moreover, many of the conventional techniques are simply ineffective from a system perspective. For example, features built into a CPU core often do not extend outside the CPU core, where they might have been useful for controlling other system components. And, whether or not such features are extended outside a CPU core, other active entities in the system, such as direct memory access (DMA) devices or other CPUs, often cannot be controlled with respect to implementing an effective TEE. Operating systems may have been written so that too much potentially flawed software runs in privileged modes, thereby blurring the distinction between the TEE and the REE. Too many techniques are vulnerable to being tricked by stack and cache manipulations; by conditional branching, speculative execution, and out-of-order instruction completion schemes; and by failing to verify that trusted software actually executes. As a consequence, the conventional techniques provide inadequate security assurances, particularly from a system-wide perspective.