Back To Schedule
Tuesday, October 27 • 18:30 - 19:20
OP-TEE is Ready: Let's Use It! - Rouven Czerwinski, Pengutronix e.K.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
OP-TEE for i.MX6 SoCs is production ready, so we finally have a fully mainline way to use TrustZone on a widely available platform. So what are the scenarios where we it can increase security or allow new features? This talk will present the current state of OP-TEE from an upstream perspective on i.MX6 SoCs and show two different Trusted Applications (TAs) which provide secure data storage or TPM functionality. One of the presented applications will be the PKCS#11 TA which is currently being upstreamed into the mainline OP-TEE project. In conjunction with the OpenSSL PKCS#11 engine, it can be used to store client certificate data which can not be extracted from the device. The other application will be the Microsoft firmware TPM, which is provided as an out-of-tree TA with an upstream Linux kernel driver. It is meant as a replacement for conventional hardware TPMs and provides a tighter coupling to the chosen SoC. Furthermore this talk will highlight the necessary steps to actually secure OP-TEE on your chosen SoC, using the i.MX6 platform as an example.

avatar for Rouven Czerwinski

Rouven Czerwinski

Embedded Software Developer, Pengutronix
Rouven works with security on embedded systems, specializing on i.MX6 processors.

Tuesday October 27, 2020 18:30 - 19:20 GMT
ELC Theater
  Embedded Linux Conference (ELC), Security