Mastering Secure Embedded Systems: ARMv8-M TrustZone on Cortex-M33
What you will learn:
- Secure Embedded Systems Development using ARMv8-M TrustZone
- Building Secure Firmware with ARM TrustZone Technology
- Mastering Secure and Non-Secure State Transitions
- Advanced Memory Partitioning Techniques using SAU & IDAU
- Proficiently Using ARMv8-M Security Instructions (SG, BLXNS, BXNS)
- Handling Secure and Non-Secure Interrupts and Exceptions
- Effective Use of CMSIS Security Macros and Attributes
- Building and Debugging Embedded Systems using Keil MDK and Makefiles
- Analyzing and Debugging Code at Both C and Assembly Levels
- Implementing Robust Security Measures in Real-World IoT Applications
Description
Elevate your embedded systems expertise with our in-depth course on securing ARM Cortex-M33 microcontrollers using the powerful ARMv8-M TrustZone technology. Designed for embedded developers, firmware engineers, and IoT professionals, this course bridges theory and practice to equip you with the skills to implement secure execution environments and achieve fine-grained security in your ARM-based projects.
Utilizing the advanced LPC55S69 MCU and industry-standard tools like Keil MDK and CMSIS, you'll master the art of building, testing, and debugging TrustZone-enabled applications in C. You'll delve into the intricacies of secure and non-secure states, memory partitioning, and the crucial role of the Security Attribution Unit (SAU) and the Implementation Defined Attribution Unit (IDAU). This isn't just about theoretical knowledge; we provide hands-on labs to solidify your understanding. You'll learn to write, analyze, and debug security-critical code at both C and assembly levels, gaining a deep understanding of hardware-level transitions and isolations.
Key highlights of this course include:
- A thorough exploration of the ARMv8-M architecture and its security features.
- Practical application of TrustZone technology on the Cortex-M33 architecture.
- Mastering Secure, Non-Secure, and Non-Secure Callable (NSC) states and their interactions.
- Expert-level configuration and usage of SAU and IDAU for memory partitioning.
- Proficient use of new ARMv8-M instructions (SG, BLXNS, BXNS) for secure state management.
- Effective handling of secure and non-secure interrupts and transitions.
- Development of secure C applications using CMSIS security macros and attributes.
- Hands-on experience building and debugging projects with Makefiles in the Keil MDK environment on the LPC55S69.
- In-depth code analysis and debugging at both C and assembly levels.
Target Audience: Embedded systems developers, IoT engineers, firmware developers working with ARM Cortex-M33 or TrustZone, and anyone seeking advanced knowledge of ARMv8-M security features. Prior embedded systems and ARM architecture experience is recommended.
Upon completion, you'll possess the confidence to design, implement, debug, and maintain secure embedded applications, ensuring data integrity and protection in diverse environments.
Curriculum
Introduction
This introductory section lays the groundwork for understanding the course's core concepts. Lectures cover the evolution of the ARMv8-M architecture, a detailed explanation of the Cortex-M33 block diagram, the processor's bus interface, the S-AHB and C-AHB buses, and a thorough introduction to ARMv8-M TrustZone, its implementation, and its role in securing embedded systems. You will gain a foundational understanding of TrustZone's principles and how it differs between ARMv8-M and ARMv8-A architectures.
ARMv8-M TrustZone Concept Explained
This section delves deep into the ARM TrustZone concept. Lectures explain the top-level concept, memory partitioning based on security attributes, the operation of SAU & IDAU hardware blocks, and the various state transitions (Secure to Non-Secure, and Non-Secure to Secure) at both the instruction and software levels. It covers the supported memory partitioning combinations, the hardware-level operation of SAU & IDAU, and a detailed analysis of how these components contribute to system security.
ARMv8-M Cortex-M33 Supported Modes & States
This section details the modes and security levels supported by the ARMv8-M Cortex-M33 architecture. Lectures cover mode transitions, security level transitions, banked general-purpose registers, banked special-purpose registers, and the banked system hardware blocks. It provides a comprehensive understanding of how the processor manages different security contexts and transitions between them.
Implementation Defined Attribution Unit (IDAU) Hardware Block
This section focuses on the IDAU hardware block and its role in memory partitioning. The lectures explore the SAU & IDAU scheme, IDAU block integration, address decoding logic, and address space repartitioning, providing a detailed understanding of how IDAU contributes to the secure memory management system.
Security Attribution Unit (SAU)
This section provides a detailed explanation of the Security Attribution Unit (SAU) and its functionality. Lectures explore the SAU & IDAU scheme, memory region assignment, and the SAU programming model. Understanding SAU is crucial for implementing effective memory protection in a TrustZone environment.
ARMv8-M Security-Related Instruction Set
This section dives into the ARMv8-M instruction set related to security. Lectures explore security-based instructions, including BLXNS, SG, and BXNS, focusing on their use in secure state transitions. A significant portion is dedicated to the TT instruction, its various variants, how they work, their formats, response fields, and their invocation through CMSIS macro APIs.
ARMv8-M Cortex-M33 Interrupts and Exceptions Handling
This section covers the critical aspect of interrupt and exception handling within the ARMv8-M TrustZone environment. Lectures explore the secure and non-secure vector tables (VTOR_S & VTOR_NS), internal exception handling (including HardFault), secure and non-secure interrupt handling (NVIC), interrupt/exception execution flows within and between security levels, interrupt stack frame layouts, and interrupt/exception priorities and their security-based grouping.
Labs Environment Setup
This section guides you through setting up your development environment for the hands-on labs. It includes instructions on downloading source code, installing necessary tools (Keil MDK, etc.), configuring Keil MDK for LPC55S69, understanding the LPC55S69 memory layout, and an overview of the lab projects. It provides all the necessary steps to begin working on the practical exercises.
LAB1: Initially From Secure to Non-Secure Security State Transition Flow
This lab focuses on transitions from the Secure to Non-Secure state. You'll work through examples illustrating transitions with and without SAU settings, and you'll gain practical experience with the BLXNS instruction and the FNC_RETURN magic value. This lab provides hands-on experience with the concepts explained in the earlier sections.
LAB2: Initially From User Non-Secure to Secure Security State Transition Flow
This lab mirrors LAB1 but focuses on transitions from the Non-Secure to Secure state. You will further solidify your understanding of secure state transitions by using the Secure Gate (SG) and BXNS instructions in practical scenarios.