What the TrustZone-M Doesn't See, the MCU Does Grieve Over: Lessons Learned

Learn how TrustZone-M's CPU-level protections fall short of system-wide memory safety, and discover crucial lessons about DMA attacks, security implementation & PSA compliance.

Key takeaways
  • TrustZone-M provides only CPU-level protections and lacks system-wide memory protection, making it vulnerable to DMA-based attacks

  • The lack of Memory Protection Controllers (MPCs) in implementations like Microchip SAML11 makes it difficult to achieve PSA Level 2/3 security despite marketing claims

  • There’s a problematic assumption that OEM developers can be fully trusted with DMA mediation, when they should instead have controlled/mediated access

  • Hardware providers should implement protections at the system level, not just CPU level, including proper DMA mediation and memory protection controllers

  • Attestation alone is not sufficient - it’s orthogonal to the core memory protection issues identified

  • The gap between TrustZone-M capabilities and PSA security level requirements needs better alignment and clarity

  • System designers need to carefully evaluate both hardware and software security capabilities when building secure systems

  • Software-based DMA mediation can be implemented as a workaround, but hardware-based protection is preferable

  • Current implementations often lack proper isolation between privileged/unprivileged modes in both secure and non-secure worlds

  • The evaluation SDK versions may have different security properties than production versions, making proper security assessment difficult
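The software-based DMA mediation mentioned in the takeaways can be sketched as a secure-world gateway that validates a transfer request before the DMA engine ever sees it. The following C is an added example written for this summary, not code from the talk, from any SDK or from any vendor: the memory map, the `ns_dma_regions` table and the `secure_dma_submit` entry point are all constructed, and the "controller registers" are a plain struct that records the last accepted job so the logic can be checked on a host.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One region of a constructed (hypothetical) memory map that the non-secure
 * world is allowed to hand to the DMA engine. Addresses are [start, end). */
typedef struct {
    uint32_t start;
    uint32_t end;
    bool     writable;   /* may also be used as a DMA destination */
} ns_region_t;

/* Constructed map: a non-secure SRAM window (read/write) and a non-secure
 * flash window (valid as a source only). Anything else is treated as secure. */
static const ns_region_t ns_dma_regions[] = {
    { 0x20008000u, 0x20010000u, true  },
    { 0x00040000u, 0x00080000u, false },
};
#define NS_REGION_COUNT (sizeof ns_dma_regions / sizeof ns_dma_regions[0])

/* Transfer request exactly as the non-secure caller hands it over. */
typedef struct {
    uint32_t src;
    uint32_t dst;
    uint32_t len;
} dma_request_t;

/* Stand-in for the DMA controller registers: records the last accepted job. */
static dma_request_t dma_programmed;
static unsigned      dma_submissions;

/* True if [addr, addr+len) is non-empty, does not wrap past 0xFFFFFFFF, lies
 * entirely inside one allowed region and, when need_write is set, that region
 * is writable. A range straddling two regions is rejected on purpose. */
static bool range_allowed(uint32_t addr, uint32_t len, bool need_write) {
    if (len == 0 || len > UINT32_MAX - addr)
        return false;
    uint32_t end = addr + len;
    for (size_t i = 0; i < NS_REGION_COUNT; i++) {
        const ns_region_t *r = &ns_dma_regions[i];
        if (addr >= r->start && end <= r->end)
            return !need_write || r->writable;
    }
    return false;
}

/* Secure-world entry point: in this model the only path to the DMA engine.
 * Returns 0 and programs the transfer when both buffers are non-secure,
 * returns -1 and touches nothing otherwise. */
int secure_dma_submit(const dma_request_t *req) {
    if (req == NULL) return -1;
    if (!range_allowed(req->src, req->len, false)) return -1;
    if (!range_allowed(req->dst, req->len, true))  return -1;
    dma_programmed = *req;
    dma_submissions++;
    return 0;
}

/* Convenience wrapper taking the three fields directly. */
int secure_dma_submit_raw(uint32_t src, uint32_t dst, uint32_t len) {
    dma_request_t req = { src, dst, len };
    return secure_dma_submit(&req);
}

unsigned secure_dma_submission_count(void) { return dma_submissions; }

int main(void) {
    /* flash -> NS SRAM: accepted */
    printf("in-map copy:     %d\n", secure_dma_submit_raw(0x00040000u, 0x20008000u, 256));
    /* source outside the non-secure map: rejected */
    printf("secure source:   %d\n", secure_dma_submit_raw(0x20000000u, 0x20008000u, 256));
    /* destination runs 0x100 bytes past the end of NS SRAM: rejected */
    printf("overrun dest:    %d\n", secure_dma_submit_raw(0x20008000u, 0x2000FF00u, 512));
    /* address + length wraps around 32 bits: rejected */
    printf("wrapping dest:   %d\n", secure_dma_submit_raw(0x20008000u, 0xFFFFFF00u, 0x200u));
    printf("accepted so far: %u\n", secure_dma_submission_count());
    return 0;
}
```

The point of the gateway is that the non-secure world never programs the controller itself; it can only request a transfer, and every request is checked against an explicit allow-list of non-secure windows with the end address computed overflow-safely. On real silicon the same check would sit in front of the secure-side register writes, and a Memory Protection Controller, where one exists, would enforce the equivalent rule in hardware.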