The Trusted Execution Environment (TEE) is a technology that enables developers to delegate security functions to a separate secure environment, apart from the normal execution environment. The main advantage of delegating such security functions to an isolated environment such as the TEE is its logical and physical separation from the Rich Execution Environment (REE), which can be prone to insecure software. TEE has gained significant interest and is widely adopted by the payment industry, media and entertainment, as well as the Internet of Things (IoT). Most modern devices, including general-purpose computers, smartphones, and TVs, are equipped with a TEE.
Developing secure TEEs is paramount for the secure application of the TEE technology within the automotive industry. This paper is written to support development teams, including product owners, design architects, product engineers, and security experts. Within the automotive industry, the TEE is used for applications such as In-Vehicle-Infotainment (IFI) and Advanced Driver Assistance Systems (ADAS). Automotive manufacturers offer vehicle-related services through back-ends and mobile applications and have recognized the need to understand the technology that they rely on.
As the leading expert in TEE security assessments since 2011, Riscure describes the most frequent security pitfalls for TEE developers and integrators. This paper includes real-world examples for the issues we describe, based on our experience with the evaluation of over 50 different TEE solutions in the past years. Riscure also provides expert advice and best practices, enabling the automotive industry to develop secure TEE-based solutions that meet the state-of-the-art security requirements for TEE.
A lot of research has been performed in the field of TEE security. This paper is not intended to provide an exhaustive overview of such research; the cases we provide are used to illustrate the examples and to enable the reader to quickly explore additional resources. For more generic software mistakes, we have provided a few examples that go beyond TEE. We conclude the paper with an outlook on the most important future TEE security topics.