RustZone: Writing Trusted Applications in Rust presented at blackhatEurope 2018

by Eric Evenchick,

Summary : Trusted Execution Environments (TEEs) are present in many devices today, and are used to perform security critical computation in an isolated environment. ARM's TrustZone is one of the most widely used TEEs in the world today, present in nearly every modern Android device.TrustZone allows developers to write applications that run in a "Secure World" with hardware isolation of resources. Most implementations use a Trusted Operating System to run multiple Trusted Applications.However, Trusted Applications are still written in C, and many common classes of vulnerabilities have been found in these applications. While TrustZone provides isolation of resources, it cannot prevent against vulnerable code.In this talk, we will explore using the Rust language to write a Trusted Application. Rust allows developers to write system level code, but provides security features including memory safety, type safety, and error handling. These are desirable features for development of Trusted Applications.We will begin with an overview of TrustZone and Rust language, then show how Rust can be used to develop a Trusted Application. To conclude, we will demo a Trusted Application on real TrustZone hardware.