andersch.dev

<2023-09-01>

Trusted Peripherals in TrustZone-M

Securing Peripherals in Embedded Systems using ARM TrustZone-M

As part of my bachelor's thesis, I researched the prospect of isolating peripherals in embedded devices within a Trusted Execution Environment (TEE), which in theory should make them an equally trusted part of the system. This would allow us, for example, to have confidence in the integrity of a sensor's readings even when the device the sensor is attached to sits in an untrusted environment.

For the hardware, I used the Cortex-M33-based NUCLEO-L5552ZE-Q development board; for the RTOS, I used Zephyr in combination with a customized version of TrustedFirmware-M, which provides a standard-compliant TEE implementation.
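To make the idea concrete, here is a small host-runnable model, added for this page and not code from the thesis, Zephyr or TrustedFirmware-M, of the two checks that make a TEE-owned peripheral trustworthy on a Cortex-M33: the bus-level attribution that rejects a Non-secure access to a Secure-assigned peripheral (the SAU/IDAU's job, with the GTZC on top on STM32L5), and the validation a Non-secure-callable gateway must perform on any caller-supplied buffer before writing a reading into it (what `cmse_check_address_range()` does on real hardware). The memory regions, the "sensor" register block and all addresses are constructed stand-ins, not the NUCLEO-L5552ZE-Q memory map, and the function names are my own.

```c
/* Added illustration, not thesis/TF-M/Zephyr code: a host-side model of
 * TrustZone-M attribution and gateway buffer validation.
 * Memory regions and the "sensor" are constructed stand-ins. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef enum { SECURE, NONSECURE } world_t;                          /* who issues the access */
typedef enum { ATTR_SECURE, ATTR_NONSECURE, ATTR_UNMAPPED } attr_t;  /* region attribute */

/* Constructed memory model (hypothetical names). */
uint32_t model_ns_sram[64];   /* Non-secure SRAM: reachable from both worlds */
uint32_t model_s_sram[64];    /* Secure SRAM: TEE data only */
uint32_t model_sensor_reg[4]; /* sensor register block, assigned to the Secure world */

/* True when the whole range [a, a+len) lies inside the region [base, base+size). */
static bool in_region(uintptr_t a, size_t len, const void *base, size_t size) {
    uintptr_t lo = (uintptr_t)base, hi = lo + size;
    return a >= lo && a < hi && len <= hi - a;
}

/* Look up the security attribute of an address range (the SAU/IDAU's role). */
static attr_t attr_of(const void *p, size_t len) {
    uintptr_t a = (uintptr_t)p;
    if (in_region(a, len, model_ns_sram, sizeof model_ns_sram))       return ATTR_NONSECURE;
    if (in_region(a, len, model_s_sram, sizeof model_s_sram))         return ATTR_SECURE;
    if (in_region(a, len, model_sensor_reg, sizeof model_sensor_reg)) return ATTR_SECURE;
    return ATTR_UNMAPPED;
}

/* Bus-level check: 0 on success, -1 where the hardware would raise a SecureFault.
 * Secure code may read either world; Non-secure code may read only Non-secure. */
int bus_read32(world_t who, const uint32_t *addr, uint32_t *out) {
    attr_t a = attr_of(addr, sizeof *addr);
    if (a == ATTR_UNMAPPED) return -1;
    if (who == NONSECURE && a == ATTR_SECURE) return -1;
    *out = *addr;
    return 0;
}

/* Test hook standing in for the peripheral updating its data register. */
void model_sensor_set(uint32_t raw) { model_sensor_reg[0] = raw; }

/* Runs inside the TEE: the only code path that touches the sensor. */
static uint32_t tee_sample_sensor(void) {
    uint32_t raw = 0;
    (void)bus_read32(SECURE, &model_sensor_reg[0], &raw); /* Secure access, always allowed */
    return raw;
}

/* Non-secure-callable gateway (cmse_nonsecure_entry, or a TF-M secure partition
 * behind psa_call, on real firmware). Returns 0 on success, -2 if the output
 * buffer is not entirely Non-secure: rejecting Secure and unmapped addresses
 * stops a Non-secure caller from using the TEE as a confused deputy to
 * overwrite Secure memory. */
int ns_sensor_read(uint32_t *out) {
    if (attr_of(out, sizeof *out) != ATTR_NONSECURE) return -2;
    *out = tee_sample_sensor();
    return 0;
}

int main(void) {
    uint32_t v = 0;
    int rc;
    model_sensor_set(0x1234u);
    rc = bus_read32(NONSECURE, &model_sensor_reg[0], &v);
    printf("NS direct read of sensor: %s\n", rc ? "SecureFault" : "ok");
    rc = ns_sensor_read(&model_ns_sram[0]);
    printf("NS read via gateway: rc=%d value=0x%04x\n", rc, (unsigned)model_ns_sram[0]);
    rc = ns_sensor_read(&model_s_sram[0]);
    printf("Gateway asked to write into Secure SRAM: rc=%d\n", rc);
    return 0;
}
```

The point the model makes is that attribution alone is not enough: once the sensor lives in the Secure world, the gateway that exports its readings becomes the attack surface, and every pointer it accepts from the Non-secure side has to be range-checked against the same attribution table before use.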

You can find the source code here and the thesis as a PDF here.