Security and Trust

OP-TEE: Open Portable Trusted Execution Environment OP-TEE is a small secure operating system which, after authentication and description, gets loaded in an secured area in the memory. A Rich OS (e. g. Xilinx PetaLinunx) driver can request, via a Secure Monitor Call, the execution of a trusted application. MLE took the effort to port OP-TEE to Xilinx Zynq UltraScale+ MPSoC Platform, including device specific optimizations.

 

OP-TEE Open Source Edition

The OP-TEE Open Source Edition is licensed as Open Source and comes with all source code and necessary packages (which are provided in the Upstream) to run OP-TEE on Zynq UltraScale+ MPSoC.  This version is ideal to explore the TEE world and develop your own trusted application. 

Key Features and Benefits:

  • Free of Charge
  • Limitation: Runs in DDR
  • Limitation: No Hardware acceleration for AES, RSA, SHA3
  • Limitation: No access to PUF
  • This version is ideal to explore the TEE world and develop your own trusted application
  • All needed packages included

>Read more

OP-TEE Boot Time Optimized (OP-TEE BTO )

The OP-TEE BTO is licensed from MLE and will provide all source code and necessary packages to run OP-TEE on Zynq UltraScale+ MPSoC. This version is targeted to applications which require short boot-up times, as for example in automotive. 

Key Features and Benefits:

  • This version is ideal if you need to boot OS quick
  • Hardware acceleration for AES
  • Hardware acceleration for RSA
  • Hardware acceleration for SHA3
  • With secure boot: access to PUF (Physical Uncloneable Function) functionality
  • Limit: This Version loads OP-TEE directly into TCM
  • Limit: Arm Cortex R5 will have limited functionality because the TCM is 3/4 occupied by OP-TEE
  • This version comes with support

>Read more

OP-TEE Performance & Resource Optimized ( OP-TEE PRO)

 The OP-TEE PRO is licensed from MLE and will provide all source code and necessary packages to run OP-TEE on Zynq UltraScale+ MPSoC. This version is hardened for safety related applications to utilize the Arm Cortex R5 CPUs inside MPSoC.

 Key Features and Benefits:

  • This version is ideal for safty related applications where the Arm Cortex R5 is needed.
  • This version comes with support
  • Limit: This Version overrides the FSBL with OP-TEE, no warm start possible
  • Arm Cortex R5 will be fully functional after a little delay in boot
  • Hardware acceleration for AES
  • Hardware acceleration for RSA
  • Hardware acceleration for SHA3
  • With secure boot: access to PUF (Physical Uncloneable Function) funktionality

> read more