Scientific Area: Embedded Systems
Self-Secured Devices: Securing shared device access on TrustZone-based systems
Published on 2018-01-26
Student: Pedro Miguel Silvestre Machado       Number: a68526       Email: a68526@alunos.uminho.pt
Start date: 11/09/2017

Supervisor(s):
Name: Sandro Emanuel Salgado Pinto
Email: sandro.pinto@dei.uminho.pt   

Description:

With the advent of the Internet of Things (IoT) and the numerous attacks on embedded devices, security has become one of the main concerns in such systems. There are several approaches to addressing security in the embedded domain, but existing strategies are often misconstrued as the addition of features (e.g., cryptographic algorithms and security protocols) at a late stage of system development. The way devices are developed must change so that security is guaranteed from the outset.

ARM TrustZone is a well-established security-oriented technology that addresses embedded system security from the outset and promotes hardware as the initial root of trust. Its applicability ranges from efficient and secure virtualization solutions to trusted execution environments. Both cases, despite targeting different applications with different requirements, consolidate two virtual environments on the same platform, which makes resource sharing between them mandatory.

Three approaches to shared device access are currently used in TrustZone-based architectures: emulation, para-TrustZone and re-partitioning. These approaches make different trade-offs in TCB size, execution overhead, performance, latency and security.

 

This work intends to introduce and implement a new approach to shared device access in TrustZone-based architectures that extends the TrustZone concept to the devices themselves. The approach will be evaluated through exhaustive studies of its hardware implementation costs and by comparing the achieved speed-up with existing solutions.


Objectives:

Study and analysis of TrustZone technology and an in-house TrustZone-assisted hypervisor;

Familiarization with the platform and tools;

Design and implementation of self-secured devices with different complexity levels (Timer/UART use cases);

Evaluation of the self-secured devices.


Keywords:
ARM TrustZone, FPGA, Security, Virtualization

Copyright © DEI Universidade do Minho - All rights reserved