ARM TrustZone as a Virtualization Technique in Embedded Systems
Author(s): Torsten Frenzel, Adam Lackorzynski, Alexander Warg and Hermann Härtig, TUD - Operating Systems, Technische Universität Dresden, Germany
Virtualization starts to gain traction in the embedded world as methods to enforce isolation are needed to cope with the ever-growing complexity of modern systems. Originating from desktop and server systems, existing virtualization solutions have their focus on rich functionality such as migration and check-pointing while real-time functionality is of little interest. In contrast, in an embedded system this functionality is dispensable while the ability to support real-time workloads has to be retained.
So far, virtualization on ARM - the arguably predominant architecture for embedded systems - was impeded by the lack of proper architectural support. In this paper, we show how TrustZone, an extension originally meant to boost security, can also be used to fill that gap and provide encapsulation in real-time conscious systems. We were able to accommodate a minimally modified Linux on top of a real-time capable microkernel, evaluating engineering and runtime costs.