Please fill in the form below, so we can support you in your request.
Please fill in the form below, so we can support you in your request.


    ASICAMD (Xilinx)AchronixIntel (Altera)LatticeMicrochip (MicroSemi)Other

    X
    CONTACT MLE
    Contact MLE for Solutions
    Please fill in the form below, so we can send you the relevant information regarding our Solutions.

      By submitting this form you are consenting to being contacted by the MLE via email and receiving marketing information.

      X
      CONTACT MLE

      OP-TEE
      Open Portable Trusted Execution Environment

      The Open Portable Trusted Execution Environment (OP-TEE) is an open-source, small, secure operating system which, after authentication and decryption, gets loaded in an secured area in the memory. A rich OS (e. g. Xilinx PetaLinunx) driver can request, via a Secure Monitor Call, the execution of a trusted application.

      OP-TEE is an Open-Source initiative driven by a Linaro team who maintains the code and makes it available for download at GitHub.

      MLE took the effort to port OP-TEE to AMD/Xilinx Zynq UltraScale+ MPSoC / RFSoC and Versal devices and included device specific optimizations. The outcome is two-fold: Tightly integrated Open-Source maintained by experts of FPGA System-on-Chip and ACAP technology. And, additional professional services for customization and product life cycle support.

      Key Features of OP-TEE in FPGAs

      • Enables running secure & trusted applications from within a rich Linux operating system
      • Utilizes standard ARM Trusted Execution Environment (TEE)
      • Utilizes advanced security functions in Xilinx Zynq UltraScale+ MPSoC / RFSoC and Versal devices
      • Optional hardware acceleration for AES-CGM, RSA, SHA3, etc
      • Optional secure key handling with integrated PUF (Physically Unclonable Function) support
      • Optional handling for integrated eFUSE burning
      • Secure and non-secure bitstream loading
      • Support for custom secure functions in Programmable Logic

      Applications

      • Secure data storage
      • Secure communication
      • Secure Over-the-Air (SOTA) updates
      • Key to meet compliance with standards such as IEC 62443, IEC 27001 etc
      • Protect Functional Safety (SIL, ASIL) related designs
      • Secure touch inputs
      • Secure key handling

      Pricing

      MLE OP-TEE is available as pure Open-Source or as a professionally maintained source code deliverable:

      Product Name Deliverables Pricing
      OP-TEE Open-Source Edition (OP-TEE Free) Licensed under BSD / Linaro terms and available for download from GitHub. Free of charge
      Download Now
      OP-TEE Professional Edition (OP-TEE PRO) MLE Single-Site or Multi-Site Source Code License. Delivered by MLE in electronic form. Annual subscription fees starting at $42,800.-
      Application / Project specific Expert Design Services System-level design, modeling, implementation and test for realizing Domain-Specific Secure appplications. $1,880.- per engineering day (or fixed price project fee)

      OP-TEE Free

      (Open Source Edition)

      The OP-TEE Open Source Edition for Zynq UltraScale+ MPSoC / RFSoC and Versal is licensed under Linaro / BSD license as Open Source and comes with all source code and necessary packages. This version is ideal to explore the TEE world and develop your own trusted application. 

      Key Features and Benefits:

      • Open Source and Free of Charge
      • Runs in external PS-attached DDR memory
      • No Hardware acceleration for AES, RSA, SHA3
      • No access to PUF

      OP-TEE PRO

      (Professional Edition)

      MLE OP-TEE PRO can be licensed from MLE and will provide all source code and necessary packages to run OP-TEE on Zynq UltraScale+ MPSoC / RFSoC and Versal.

      Key Features and Benefits:

      • Hardware acceleration for AES
      • Hardware acceleration for RSA
      • Hardware acceleration for SHA3
      • With secure boot: access to PUF (Physical Uncloneable Function) functionality
      • Can load OP-TEE into TCM

      Comparison Between OP-TEE Free And OP-TEE PRO

      Functionality Supported

      OP-TEE Free

      OP-TEE PRO

      OP-TEE Basic functionality
      Trusted Applications with your own secure application
      Secure Paging (Hashed DDR Memory)
      Testsuite (10k+ Test Cases for selftest)

      (extended)

      AES-GCM (Xilinx CSU hardware accelerated)
      RSA (Xilinx CSU hardware accelerated)
      SHA3 (Xilinx CSU hardware accelerated)
      Secure Key handling with Physical Unclonable Function (PUF)
      Support for eFuse burning
      Secure/Nonsecure Bitstream Loading
      Performance Measurement of context switch or Trusted Application
      Custom Secure PL Functions

      Documentation

      Edit Template

      Frequently Asked Questions

      Most of the Zynq UltraScale+ MPSoC / RFSoC and Versal specific code for OP-TEE is currently going upstream to become part of the free open-source edition.

      However, there are functions of Zynq UltraScale+ MPSoC / RFSoC and Versal which require special handling, like the one-time-programmable eFuses, or support for custom secure PL functions, for example. Such device and/or application specific security functions of Zynq UltraScale+ MPSoC / RFSoC and Versal will be covered only by the PRO edition. Please refer to the comparison table above.

      Yes, MLE ships source code for OP-TEE PRO. Those Zynq UltraScale+ MPSoC / RFSoC and Versal platform specific code portions are available today and have passed review by the Xilinx Security Center of Excellence (COE). The most recent review was November 2019.

      OP-TEE Free is free-of-charge open-source software (FOSS) and can be downloaded from here: https://github.com/OP-TEE/ under a BSD 2-Clause License.