Back To Schedule
Tuesday, October 27 • 18:30 - 19:20
OP-TEE is Ready: Let's Use It! - Rouven Czerwinski, Pengutronix e.K.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
OP-TEE for i.MX6 SoCs is production ready, so we finally have a fully mainline way to use TrustZone on a widely available platform. So what are the scenarios where we it can increase security or allow new features? This talk will present the current state of OP-TEE from an upstream perspective on i.MX6 SoCs and show two different Trusted Applications (TAs) which provide secure data storage or TPM functionality. One of the presented applications will be the PKCS#11 TA which is currently being upstreamed into the mainline OP-TEE project. In conjunction with the OpenSSL PKCS#11 engine, it can be used to store client certificate data which can not be extracted from the device. The other application will be the Microsoft firmware TPM, which is provided as an out-of-tree TA with an upstream Linux kernel driver. It is meant as a replacement for conventional hardware TPMs and provides a tighter coupling to the chosen SoC. Furthermore this talk will highlight the necessary steps to actually secure OP-TEE on your chosen SoC, using the i.MX6 platform as an example.

avatar for Rouven Czerwinski

Rouven Czerwinski

Embedded Software Developer, Pengutronix e.K.
After working with embedded testing in 2016, Rouven worked on the security side of things by contributing to OP-TEE and shipping products with it. Nowadays he has an interest in media pipelines and the corresponding kernel drivers to provide a flawless recording and viewing exper... Read More →

Tuesday October 27, 2020 18:30 - 19:20 GMT
ELC Theater
  Embedded Linux Conference (ELC), Security