Implementing Embedded Security on Dual-Virtual-CPU Systems

摘要

Security requirements for embedded systems such as consumer devices are becoming stronger. Current designs need an isolated environment that stores and processes sensitive data. New hardware technologies are arriving that provide low-cost, high-performance, isolated environments. Standard open APIs are providing a route to interoperability, defragmentation. and reduced software development costs. Securely, flexibly, and efficiently taking advantage of these standards is a complex software design problem. This article is an introduction to one such hardware technology, and a case study of the design of a programmable security software framework. The discussion will be of interest to all types of system designers, from SoC to software, because security must be designed into the system from the outset.