Trusted Execution Environments (TEE)
Trusted Execution Environments (TEEs) have become a core and necessary part of many devices, including all Android phones and many in-vehicle components.
Trustonic’s TEE OS “Kinibi” is a very mature offering and has been deployed for countless applications across many chipsets. Kinibi 500, the latest iteration, focuses on performance and flexibility, providing 64 bit SMP and broad support for Android and automotive environments, whilst retaining best in class security.
Security in the real world needs much more than just a secure OS. Key management and secure software provisioning processes are essential. To support diverse use cases, different software components must be isolated from each other.
Trustonic works with the entire value chain, delivering our TEE as part of the BSP from core silicon providers to simplify the integration process. We support multiple delivery modes for separately signed driver and/or application binaries, including over the air (OTA) updates of individual trusted applications. We also provide reference implementations of the Google specified Gatekeeper and Keymaster applications to fulfil Google requirements and simplify the OEM’s path to Android CTS compliance.
Unlike a secure element or a vHSM, TEEs run at full processor speed, and can run arbitrary application logic. This makes them ideal for many applications beyond simple key storage.
We offer solutions for high bandwidth secure processing such as Digital Rights Management and secure peripheral access, such as a Secure User Interface. We meet Android Compatibility Test Suite (CTS) or Google Test Suite (GTS) needs, such as providing Keymaster. For financial applications, such as payments or mobile Point of Sale (mPOS), we can protect applications delivered with the device.