Skip to main content
Zondax Github LinkZondax Github Link
Theme SwitchTheme Switch

Milestone 1 (Approved)

Checklist

NumberDeliverableLinkNotes
0a.License🔗See below
0b.Documentation🔗See below
0c.Testing Guide🔗See below
1.We will select at least two hardware alternatives (from different providers) that will be used in our proof-of-concept implementation.See below
2.Basic framework and minimal implementations for each selected board to demonstrate feasibility.See below
3.Working examples (hello world alike) and basic configuration to demonstrate Secure Boot and TrustZone.See below
4.Detailed description of the development and testing process.See below
5.Corresponding unit and integration testsSee below

Overview

  • Reference boards selection and initial prototyping. As an example, we initially considered the following models:

    • Model A: MCIMX6UL-EVKB: i.MX6UltraLite Evaluation Kit by NXP
    • Model B: USB Armory Mk-II
    • Model C: Colibri iMX6ULL by Toradex
    • Model D: Advantech WISE-710
  • Define applicable toolchains ( Rust, C/C++, etc.)

  • Development process: Define CI and Testing strategy

  • Demonstrate feasibility for the selected hardware

License

The repositories referenced in this milestone have all been published under either Apache 2.0 and GNU GPL2.

RepositoryLicenseLink
Zondax/web-docs-teeApache 2.0📄 License
Zondax/tee-substrate-serviceApache 2.0📄 License
Zondax/hello-rusteeApache 2.0📄 License
Zondax/buildroot-zondaxGNU GPL2📄 License

In the sections below we listed each part of this Milestone and the links to their respective test.

Item 1

NumberDeliverableLinkNotes
1.We will select at least two hardware alternatives (from different providers) that will be used in our proof-of-concept implementation.

We selected the following boards:

NumberDeliverableVendorLink
1.STM32MP157F-DK2ST📄 Product Page
2.8MMINILPD4-EVKBNXP📄 Product Page

The criterias we used for the selection is described in this section.

Item 2

NumberDeliverableLinkNotes
2.Basic framework and minimal implementations for each selected board to demonstrate feasibility.

As part of the implementation we used Buildroot to develop a custom linux distribution for each board containing essential dependencies that our trusted application needs. This also reduces the number of possible vector attacks, as the number of tools and services, our distribution contains are minimal. Refer to this section for further information about setting-up the basic framework to build our custom linux-distribution and how to run it on each supported device.

In this section you can find further instructions on how to test the basic optee framework that comes as part of our custom linux distribution.

info

Buildroot is a framework to create custom linux distributions.

Item 3

NumberDeliverableLinkNotes
3.Working examples (hello world alike) and basic configuration to demonstrate Secure Boot and TrustZone.

In order to test our setup. We built hello world application which comes pre-installed in the images. In this section we explain how to verify our custom distribution and ensure Optee framework works.

Item 4

NumberDeliverableLinkNotes
4.Detailed description of the development and testing process.

There are two tests we need to run to validate our linux-distribution and the optee framework that runs on the supported boards. refer to Optee tests and Hello world demo application sections for the steps to follow to run this validation.

Item 5

| Number | Deliverable | Link | Notes | | ------ | :--------------------------------------- | ---- | ----- | --- | | 5. | Corresponding unit and integration tests | | | |