1. What is isolation?
Isolation means that a system is subdivided into several subsystems (or partitions). Isolation can protect one subsystem from the other(s). The system to isolate can contain code, secrets, or intellectual properties.
2. Hardware isolation
- The hardware isolation mechanisms are used to isolate almost two subsystems. Most of the time, the isolation is implemented by combining it with a software solution.
- The hardware isolation mechanisms tasks are the following:
- isolation (access control): secure, nonsecure, privileged, or unprivileged mode
- filtering on memory access
- Typical examples of hardware isolation mechanisms are:
- - MPU (memory protection unit): isolation in Cortex®-M cores
- - Arm® TrustZone, available in Cortex®-A and Cortex®-M Arm architectures.
- - Firewall
3. Temporal Isolation
- Temporal Isolation is considered only during the sequential flow executed at boot of the system.
- - where the different stages executed can be isolated.
- Temporal isolation protects sensitive device assets that are used during the secure boot process, from access by later stages.
4. Runtime Isolation
- Is the ability to have a system with several sub-systems running in parallel, considering 2, 3, 4, … sub-systems of a platform.
- Isolating 2 sub-systems can be done using ARM Trust-Zone technology.
- But it could be done also considering integration of 2 cores, use of the MPU (on Cortex-M cores), …
5. IP isolation
IP Isolation is the propriety allowing an Intellectual Property to run sandboxed from the others.
ARM PSA Firmware Framework defines tree levels of isolation.
Isolation level | Purpose | Security domains | Description |
---|---|---|---|
Level 1 | SPE isolation. | Two | Secure Processing Environment (SPE) is protected from access by Non-secure application firmware and hardware. |
Level 2 | PSA Root of Trust isolation. | Three | In addition to Level 1, the PSA Root of Trust is also protected from access by the Application Root of Trust. |
Level 3 | Maximum firmware isolation. | Three or more | In addition to Level 2, each Secure Partition is sandboxed and only permitted to access its own resources. This protects each Secure Partition from access by other Secure Partitions and protects the Secure Partition Manager from access by any Secure Partition. |
6. References