ARM's Confidential Compute Architecture (CCA) hardware and software for securing data in ARMv9-A designs is based around a new kind of environment called a Realm that protects the data and code, even in use.
“Currently, applications and virtual machines place huge amounts of trust in the supervisor software (kernels or hypervisors) that manage them,” said Richard Grisenthwaite, SVP, chief architect and fellow at ARM. “Supervisors can access the resources used by applications for their program code and data. Exploits against supervisors can therefore leak confidential data or algorithms held in the applications.”
Confidential computing changes the traditional trust relationship between applications and supervisors by removing the supervisor’s right to access the resources used by the application, while retaining the right to manage them. Removing that right of access is critical because the devices we use today handle large quantities of confidential data. Cloud systems can be running payloads from many different customers, while mobile devices can contain both personal and business information, from medical data to company emails. Confidential computing reduces the need to trust unseen technology within any compute environment.
CCA is intended to run from the sensors all the way through the smartphone up to the data centre and supercomputers. It extends workload isolation so that service providers shift from a position where they will not access customer data to one where they cannot access customer data - thereby reducing the volume of software that must be trusted, the attack surface for hackers, and the potential for customer data or algorithm breaches.
The Realm Management Extension (RME) defines the hardware architecture for Realms along with an extension to TrustZone enabled by RME that removes the need to dedicate memory to TrustZone. This Dynamic TrustZone technology allows TrustZone to be used for applications with large and dynamic memory footprints, for example in the data centre.
ARM has worked with operating system and firmware developers to drive standard interfaces for interaction with RME firmware by defining a Realm Management Monitor (RMM) and extensions to the Monitor to provide an architecture for Realms. Chip designers, particularly NXP, have been adding security enclaves to their designs, and CCA provides a more standardised way that will support software developers.
“In our increasingly automated world where data privacy and confidentiality are imperative, CCA provides an opportunity to add a complementary layer of security to the integrated security capabilities that have been foundational to our processing portfolio for IoT, industrial, and automotive markets,” said Ron Martino, Executive Vice President and General Manager of Edge Processing, NXP Semiconductors. “Data generated, processed and sent by intelligent edge devices must be protected, and this is a step toward achieving that desired integrity and confidentiality.”
To support this, open-source projects such as trustedfirmware.org provide standard implementations of ARM CCA firmware, and new projects for confidential computing such as project Veraison will deliver open-source software for constructing attestation verification services.
The code or data of a Realm is situated in memory that is assigned to that Realm, and any attempted access of that memory from the supervisory software that created the Realm (kernel or hypervisor), or by TrustZone code, other Realms or devices not trusted by the Realm, is blocked and results in a faulting exception, says Grisenthwaite.
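The split between the supervisor's right to manage Realm memory and its lost right to access it, as described above, in a toy model added here (not Arm's RME hardware or RMM firmware); the actor names, the granule bookkeeping and the scrub-on-release step are assumptions of the model:

```python
from __future__ import annotations
from dataclasses import dataclass, field
HYPERVISOR = "hypervisor"   # the supervisor (kernel/hypervisor) that creates Realms
TRUSTZONE = "trustzone"     # secure-world code

@dataclass
class Granule:
    owner: str | None = None   # None: ordinary non-secure memory; else a Realm id
    data: bytes = b""

@dataclass
class Memory:
    granules: dict[int, Granule] = field(default_factory=dict)
    trusted: dict[str, set[str]] = field(default_factory=dict)  # realm -> devices it trusts
    def assign(self, actor: str, addr: int, realm: str) -> None:
        """Management right: only the hypervisor hands a free granule to a Realm."""
        g = self.granules.setdefault(addr, Granule())
        if actor != HYPERVISOR or g.owner is not None:
            raise PermissionError(f"{actor} may not assign {addr:#x}")
        g.owner = realm

    def release(self, actor: str, addr: int) -> None:
        """Management right: the hypervisor reclaims the granule, which the
        model scrubs first (an assumption here) so its contents never leak."""
        if actor != HYPERVISOR:
            raise PermissionError(f"{actor} may not release {addr:#x}")
        self.granules[addr] = Granule()

    def access(self, actor: str, addr: int, write: bytes | None = None) -> bytes:
        """Access right: only the owning Realm or a device it trusts; all else faults."""
        g = self.granules.setdefault(addr, Granule())
        if g.owner and actor != g.owner and actor not in self.trusted.get(g.owner, ()):
            raise PermissionError(f"fault: {actor} touched memory of {g.owner}")
        if write is not None:
            g.data = write
        return g.data

def demo() -> dict[str, bool]:
    # Which actors fault on Realm A's granule, and whether release scrubs it.
    mem = Memory(trusted={"realm:A": {"dev:nic0"}})
    mem.assign(HYPERVISOR, 0x1000, "realm:A")
    mem.access("realm:A", 0x1000, write=b"secret")
    def faults(actor: str) -> bool:
        try:
            mem.access(actor, 0x1000)
        except PermissionError:
            return True
        return False
    out = {a: faults(a) for a in (HYPERVISOR, TRUSTZONE, "realm:B", "dev:gpu0", "dev:nic0", "realm:A")}
    mem.release(HYPERVISOR, 0x1000)
    out["scrubbed"] = mem.access(HYPERVISOR, 0x1000) != b"secret"
    return out
```

Running `demo()` shows the hypervisor, TrustZone, another Realm and an untrusted device all faulting on Realm A's granule while Realm A and its trusted device succeed, and the reclaimed granule no longer holds the Realm's data.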