I am working with the IoT operating system RIOT-OS and have been developing some cryptography features for it. For my master thesis I'm exploring Trusted Execution Environments (TEE) for RIOT and how to integrate them with the OS. Newer Arm Cortex-M devices with the Armv8-m architecture offer a hardware security mechanism called TrustZone-M (TZ-M), that can be used to efficiently implement secure processing environments. One platform with TZ-M that is also supported by RIOT is the Nordic nRF9160dk, which I am using for a PoC for my thesis. To understand how TZ-M works and what is needed to use it, I started looking for a nice, minimal bare-metal example with simple secure and non-secure images and a simple linker file. Finding such an example for Nordic boards was surprisingly difficult, so I assembled all the information and code snippets I could get and build my own little project, which I now share on Github. In this blog post I'll explain how I collected that information and what I did to get it running eventually.
Dear person,