Developing Secure Services for IoT with OP-TEE: A First Look at Performance and Usability

摘要

The implementation, deployment and testing of secure services for Internet of Things devices is nowadays still at an early stage. Several frameworks have recently emerged to help developers realize such services, abstracting the complexity of the many types of underlying hardware platforms and software libraries. Assessing the performance and usability of a given framework remains challenging, as they are largely influenced by the application and workload considered, as well as the target hardware. Since 15 years, Arm processors are providing support for TrustZone, a set of security instructions that realize a trusted execution environment inside the processor. Op-Tee is a free-software framework to implement trusted applications and services for TrustZone. In this short paper we show how one can leverage Op-Tee for implementing a secure service (i.e., a key-value store). We deploy and evaluate the performance of this trusted service on common Raspberry Pi hardware platforms. We report our experimental results with the data store and also compare it against Op-Tee's built-in secure storage.