Key points are not available for this paper at this time.
ARM's TrustZone is a hardware-based trusted execution environment (TEE), prevalent in mobile devices, IoT edge systems, and autonomous systems. Within TrustZone, security-sensitive applications reside in a hardware-isolated secure world, protected from the normal-world's applications, OS, debugger, peripherals, and memory. However, microarchitectural side-channel vulnerabilities have been discovered on shared on-chip resources, such as caches and branch prediction unit (BPU). In this paper, we propose TrustZoneTunnel, the first Pattern History Table (PHT)-based side-channel attack on TrustZone, which is able to reveal the complete control flow of a trusted application in the secure world. We reverse-engineer the PHT indexing for ARM processors and develop key primitives for cross-world attacks, including well-controlled world-switching, PHT collision construction between two worlds, and precise PHT state-setting and checking functions. Furthermore, we introduce a novel model extraction attack against TrustZone based deep neural network, which can recover model parameters using only the side-channel leakage of vital branch instructions, obviating the need for model output or logits while prior research work requires such knowledge for model extraction.
Xu et al. (Mon,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: