# TrustShadow: Secure Execution of Unmodified Applications with ARM   TrustZone

**Authors:** Le Guan, Peng Liu, Xinyu Xing, Xinyang Ge, Shengzhi Zhang, Meng Yu,, Trent Jaeger

arXiv: 1704.05600 · 2017-06-26

## TL;DR

TrustShadow leverages ARM TrustZone to create a secure environment for legacy applications on IoT devices, protecting sensitive data from untrusted OSes with minimal performance overhead.

## Contribution

This paper introduces TrustShadow, a novel system that uses ARM TrustZone to securely run unmodified legacy applications on IoT devices, ensuring data security against compromised OSes.

## Key findings

- TrustShadow incurs negligible overhead on real-world applications.
- It effectively isolates security-critical applications from untrusted OS components.
- Prototyped on actual hardware, demonstrating practical viability.

## Abstract

The rapid evolution of Internet-of-Things (IoT) technologies has led to an emerging need to make it smarter. A variety of applications now run simultaneously on an ARM-based processor. For example, devices on the edge of the Internet are provided with higher horsepower to be entrusted with storing, processing and analyzing data collected from IoT devices. This significantly improves efficiency and reduces the amount of data that needs to be transported to the cloud for data processing, analysis and storage. However, commodity OSes are prone to compromise. Once they are exploited, attackers can access the data on these devices. Since the data stored and processed on the devices can be sensitive, left untackled, this is particularly disconcerting.   In this paper, we propose a new system, TrustShadow that shields legacy applications from untrusted OSes. TrustShadow takes advantage of ARM TrustZone technology and partitions resources into the secure and normal worlds. In the secure world, TrustShadow constructs a trusted execution environment for security-critical applications. This trusted environment is maintained by a lightweight runtime system that coordinates the communication between applications and the ordinary OS running in the normal world. The runtime system does not provide system services itself. Rather, it forwards requests for system services to the ordinary OS, and verifies the correctness of the responses. To demonstrate the efficiency of this design, we prototyped TrustShadow on a real chip board with ARM TrustZone support, and evaluated its performance using both microbenchmarks and real-world applications. We showed TrustShadow introduces only negligible overhead to real-world applications.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1704.05600/full.md

## Figures

10 figures with captions in the complete paper: https://tomesphere.com/paper/1704.05600/full.md

## References

49 references — full list in the complete paper: https://tomesphere.com/paper/1704.05600/full.md

---
Source: https://tomesphere.com/paper/1704.05600