Secure OS technology

Trusted Execution Environments (TEE) have become a core and necessary part of many devices, including all Android phones and many in-vehicle components.

Trustonic’s TEE OS ‘Kinibi’ is a highly mature product that has been deployed for countless applications across many chipsets. Kinibi 600, the latest iteration, focuses on performance and flexibility, providing 64-bit SMP and broad support for Android and automotive environments, whilst retaining best-in-class security. It also introduces support for the new ARM V9 architecture.

Security goes beyond a secure OS. Key management and secure software provisioning are crucial. Trustonic collaborates with the entire value chain, offering our TEE as part of the BSP for streamlined integration. We support various delivery modes for separately signed driver and application binaries, including OTA updates. Additionally, we provide reference implementations of Google’s Gatekeeper and Keymaster applications, ensuring Google compliance and simplifying the Android CTS process for OEMs.

The Trusted Execution Environment runs a full operating system, and one of the key capabilities this offers is secure peripheral access. When these peripherals are in use by the TEE, they are physically disconnected from Android at the bus level, ensuring very strong isolation.

One of the most powerful use cases is the Trusted User Interface (TUI). This provides a secure display and a secure touch interface. Together, these enable a display to be completely isolated from the main OS, and from a potential error or malware running in it.

Our TEE ensures secure drivers for Trusted User Interfaces (TUI). But technology is pointless without leverage. Our SDK offers an XML layout language with animation and text layout support, making TUI accessible to all developers, not just experts.

The TUI has obvious application security functions, such as PIN entry. It can also be used more generally, for secure messaging, automotive applications or financial transactions. The list is not exhaustive and, as the Internet of Things becomes more prevalent, we expect the range of use cases and applications to expand significantly.

IETF Standards: We adhere to the International Engineering Task Force’s (IETF) defined standard claims and overall guidelines, ensuring superior security and compliance

Global Platform Collaboration: In partnership with Global Platform, we’ve developed advanced claims specifically tailored to Trusted Execution Environments (TEEs) and Secure Elements (SEs)

Android and Boot Claims by Google: Our platform is compatible with Google’s focus on Android and boot claims, allowing seamless integration with the world’s most popular mobile operating system

Our Entity Attestation Tokens (EATs) are not only encrypted but also signed to guarantee the utmost level of security. The digital signature serves as proof that the token originates from a reputable entity, providing an additional layer of trust for our clients

Our platform enables services to leverage claims data for enhanced decision-making regarding entity trustworthiness. By providing valuable context, we empower businesses to make informed choices to protect their digital assets and ensure secure connections.

Take the complexity out of trusted application development. With QEMU based SDK, you can easily develop, validate and debug Trusted Applications or Secure Drivers based on Global Platform APIs. Streamline your process and focus on what matters most – creating robust, secure solutions tailored to your specific requirements.