Revision as of 11:21, 9 March 2023 by Registered User (→What is the Isolation)
1. What is the Isolation
Isolation means that a system is sub-divided in several sub-systems (or Partitions). This is interesting to allow protection of one sub-system from the other. The system to isolate can contain code, secrets, Intellectual Properties.
1.1. HW Isolation
- HW isolation mechanisms are used to isolate almost 2 sub-systems. HW isolation is most of the time combined with software solution to implement the isolation
- HW isolation mechanisms manage to
- isolate (access control): Secure, Non-secure, Priviledge, Unpriviledge, …
- filter: on memory access,
- HW isolation mechanisms manage to
- HW isolation mechanisms are used to isolate almost 2 sub-systems. HW isolation is most of the time combined with software solution to implement the isolation
- Typical HW Isolation mechanisms examples are MPU, ARM TrustZone, Firewall, …
1.2. Temporal Isolation
- Considered only during the sequential flow executed at boot of the system, where the different stages executed can be isolated.
- Temporal isolation protects sensitive device assets that are used during the secure boot process, from access by later stages.
1.3. Runtime Isolation
- Is the ability to have a system with several sub-systems running in parallel, considering 2, 3, 4, … sub-systems of a platform.
- Isolating 2 sub-systems can be done using ARM Trust-Zone technology.
- But it could be done also considering integration of 2 cores, use of the MPU (on Cortex-M cores), …
1.4. IP isolation
- Is the propriety to allow an Intellectual Property to run sandboxed from the others.
ARM PSA Firmware Framework defines tree levels of isolation.
| Isolation level | Purpose | Security domains | Description |
|---|---|---|---|
| Level 1 | SPE isolation. | Two | Secure Processing Environment (SPE) is protected from access by Non-secure application firmware and hardware. |
| Level 2 | PSA Root of Trust isolation. | Three | In addition to Level 1, the PSA Root of Trust is also protected from access by the Application Root of Trust. |
| Level 3 | Maximum firmware isolation. | Three or more | In addition to Level 2, each Secure Partition is sandboxed and only permitted to access its own resources. This protects each Secure Partition from access by other Secure Partitions and protects the Secure Partition Manager from access by any Secure Partition. |
2. References