With the rapid development of embedded technology and the increasing complexity of system functionality, there is a growing need for a trusted computing environment to ensure the security, integrity, and reliability of sensitive information. Systems not only need to protect the security of sensitive application code but also ensure the isolation of their execution process to prevent attacks and data theft. Traditional system protection is achieved by using security mechanisms that run in the same address space and privilege level as the kernel. However, this approach is not sufficiently secure as attackers who compromise the kernel can also compromise these security mechanisms. To achieve true kernel and critical data protection, security mechanisms need to be isolated. Therefore, building a trusted isolation runtime environment in the system is crucial for system security. TrustZone technology, developed by ARM, is a system-level security isolation framework capable of defending against various potential attacks. this paper provides an overall overview of different security isolation technologies. By concentrating on the principles and characteristics of ARM TrustZone, the paper conducts an in-depth analysis of system security isolation technology based on TrustZone. Finally, considering the existing security issues in the field of trusted execution environments, the paper presents prospects for the future development of this technology.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.