What the TrustZone-M Doesn't See, the MCU Does Grieve Over: Lessons Learned

TrustZone-M provides only CPU-level protections and lacks system-wide memory protection, making it vulnerable to DMA-based attacks

The lack of Memory Protection Controllers (MPCs) in implementations like Microchip SAML11 makes it difficult to achieve PSA Level 2/3 security despite marketing claims

There’s a problematic assumption that OEM developers can be fully trusted with DMA mediation, when they should instead have controlled/mediated access

Hardware providers should implement protections at the system level, not just CPU level, including proper DMA mediation and memory protection controllers

Attestation alone is not sufficient - it’s orthogonal to the core memory protection issues identified

The gap between TrustZone-M capabilities and PSA security level requirements needs better alignment and clarity

System designers need to carefully evaluate both hardware and software security capabilities when building secure systems

Software-based DMA mediation can be implemented as a workaround but hardware-based protection is preferable

Current implementations often lack proper isolation between privileged/unprivileged modes in both secure and non-secure worlds

The evaluation SDK versions may have different security properties than production versions, making proper security assessment difficult