Hi
A number of people are getting interested in developing trusted applications for TEEs (not just for OPTEE) and they want to understand the development and technical challenges that will be encountered. They’re looking for technical foresight.
I thought we could draw on our OPTEE expertise and look to whether we can develop insights applicable across all TEEs.
Practical information about limitations may provide insights.
It’s a broad question and I don’t want to limit the scope to the following list, but here’s some guidance on possible key technical factors causing limitations to arise:
-
Memory footprint.
o
What’s the impact both for volatile and non-volatile?
-
Code size.
o
This is a massive issue for the IoT space, less so for edge devices. Does aarch64 v aarch32 have a big impact? How big? What other factors.
-
Portability.
-
Software Stack
o
UEFI/BIOS support for security?
o
TEE software update mechanism?
o
Convergence on a standardized bootchain?
o
Adoption/deployment of Global Platform interface?
o
Bootloader impact (generally), ATF, u-boot, kernel.
-
Toolchain support/Developing in languages other than C.
o
I know OPTEE doesn’t support C++. Why? Is there partial support?
o
I read somewhere GOlang has aarch64 issues for normal world OS.
-
Normal World OS interworking.
o
Any standardisation of interfacing to a tee?
-
Certification/Testing.
o
Is there a standard toolchain for conformance testing?
-
Device support.
o
TPMs.
o
eSims.
-
Anything else?
Best
Simon