Products and Technologies

T6 - Secure OS and TEE

T6 is a secure operating system and trusted execution environment (TEE) platform designed and developed by TrustKernel since 2012. T6 combines hardware-grade isolation (ARM TrustZone, Intel SGX) with the protection mechanisms of modern operating systems to keep sensitive information out of reach of advanced attacks. It preserves the openness of the platform while providing hardware-grade security for the operating system itself and for the applications, biometric data, documents and passwords it hosts. T6 targets smart devices, PCs, servers and the Internet of Things. By running alongside a conventional operating system (Android, Linux, etc.), T6 adds a secure system infrastructure to the existing open ecosystem. T6 is now widely deployed in Android phones, tablets and IoT devices.

T6 Architecture

Why choose T6?

Use hardware-grade security technology

T6 runs inside the isolated environment provided by ARM TrustZone, Intel SGX or a comparable secure environment, so it can withstand attacks from a compromised normal-world kernel.

The most advanced protection mechanism

T6's numerous internal security designs have been recognized by leading academic experts and provide full-life-cycle protection for applications and data.

Industry-leading diversified security functions

T6 supports a trusted user interface (TUI), fingerprint, face, iris and other biometric authentication, interaction with an embedded secure element (eSE), and a dynamically scalable secure memory configuration.

Standardized API and Application Management

T6 implements the GlobalPlatform TEE APIs and runs across device platforms, so that trusted applications can be installed dynamically after the device leaves the factory.

Cross-platforms support to build a trusted application ecosystem

T6 is the only cross-platform product of its kind in the industry, supporting a range of hardware platforms including mobile devices, PCs, servers and IoT devices.

Verified by extensive production deployment

T6 has maintained a record of zero field repairs and zero security incidents across the mass production of over 100 device models from dozens of vendors.

T6 SDK: TKCore

TKCore is the development environment for the T6 platform, used to develop and integrate trusted applications. The SDK provides mature build tools and documentation that let developers build a trusted application within a day, and TrustKernel offers a one- to two-day training program to speed up the development, testing and deployment of trusted applications.


T6 mass-production line tool: KPH

Key Provisioning Hub (KPH) is the tool TrustKernel provides to device manufacturers for provisioning TEE keys and for importing and uploading certificates on the production line. Through TrustKernel's self-developed Hub system, manufacturers can integrate KPH into their existing production-line tools and stations without changing the existing line, adding stations or adding maintenance staff. The tool has been deployed in dozens of device factories.


Case: trusted application deployed on T6

T6 provides a protected runtime for a wide variety of trusted applications. Below are some of the trusted applications that device manufacturers commonly deploy on T6.

...

Device unlock through fingerprint and iris identification

Authentication and device unlocking based on biometrics such as fingerprint and iris are widely used in smart devices, and T6 secures these applications.

...

Secure mobile payment

Sensitive operations in mobile payment, such as protecting the keys used for fingerprint-authorized payments and signing payment tokens for WeChat Pay, Alipay and similar services, are performed inside T6.

...

Android security reinforcing

With its higher security level and stronger protection capabilities, T6 greatly improves the security of the overall system by monitoring key logic of the Android kernel from inside the TEE.

...

SoftSIM

Replacing a physical SIM with a SoftSIM is only acceptable if the security of the SoftSIM can be guaranteed. The TEE provides that guarantee while keeping the service operating normally.

...

Secure private space

Secure private space is a TrustKernel innovation. By building a TEE-backed shadow space within the Android system, it gives users a private space for running applications and storing files.

...

Secure locking and unlocking of device communication

Using the TEE's secure management capabilities, device vendors, operators and enterprises can perform fine-grained management of a terminal's communication capabilities, locking and unlocking them securely.


T6-m: Further defense against advanced physical attacks

Physical attacks are a major threat to mobile devices, whose portability also makes them easy to steal or lose. In a sophisticated attack, the attacker targets the encrypted disk holding the user's data: through a physical attack on the device the attacker recovers the encryption key and decrypts the disk. Current TEEs and secure operating systems cannot withstand this kind of attack, so protecting confidential data against physical attack is both important and urgent. In T6-m all data in external memory is encrypted, so a physical attack yields no usable data.

T6-m is a security enhancement of the T6 TEE that protects the TEE against physical attacks by removing its dependence on unprotected external memory. It applies memory encryption to the entire TEE, kernel and user-level applications included, and needs no hardware support. The price is performance: the secure operating system runs roughly half as fast as plain T6.

No plain-text data in memory

T6-m ensures that all data in external memory is encrypted, so even if the memory is physically scanned the attacker obtains only ciphertext. T6-m also checks the integrity of that data, so tampering is detected rather than silently accepted.
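The following is an added worked illustration of the approach this section describes (encrypt every page of external memory, then verify integrity and freshness on every read); it is not T6-m's own code. HMAC-SHA256 stands in for a hardware-grade cipher and MAC such as AES-GCM so that it runs with the Python standard library alone, and the page size, master key, sample secret and the attacker's actions (bit flip, replay of an old page, swapping two valid pages) are all constructed for the demo.

```python
"""Page-granular software memory encryption with integrity and freshness
checks.  Added illustration, not TrustKernel's code: HMAC-SHA256 stands in
for a real cipher/MAC such as AES-GCM so it runs with the stdlib only."""
import hashlib
import hmac
import os
import struct

PAGE_SIZE = 64   # constructed: tiny pages keep the demo readable
TAG_LEN = 16


class TamperDetected(Exception):
    """Raised when a page read fails its integrity/freshness check."""


class EncryptedMemory:
    """Trusted side (think: the TEE kernel).  `external` models untrusted
    off-chip memory an attacker can read, modify, replay or swap.  Tags and
    per-page version counters are trusted on-chip state and never leave it."""

    def __init__(self, master_key: bytes, num_pages: int):
        # Separate confidentiality and integrity keys derived from one root.
        self.k_enc = hmac.new(master_key, b"enc", hashlib.sha256).digest()
        self.k_mac = hmac.new(master_key, b"mac", hashlib.sha256).digest()
        self.external = bytearray(num_pages * PAGE_SIZE)  # untrusted
        self.tags = [None] * num_pages                     # trusted
        self.versions = [0] * num_pages                    # trusted

    def _keystream(self, page: int, version: int) -> bytes:
        # Keystream bound to (page, version): a rewrite never reuses keystream.
        out, block = b"", 0
        while len(out) < PAGE_SIZE:
            out += hmac.new(self.k_enc, struct.pack(">QQQ", page, version, block),
                            hashlib.sha256).digest()
            block += 1
        return out[:PAGE_SIZE]

    def _tag(self, page: int, version: int, ciphertext: bytes) -> bytes:
        # Tag covers address and version, so moved or replayed pages fail.
        msg = struct.pack(">QQ", page, version) + ciphertext
        return hmac.new(self.k_mac, msg, hashlib.sha256).digest()[:TAG_LEN]

    def write_page(self, page: int, plaintext: bytes) -> None:
        if len(plaintext) != PAGE_SIZE:
            raise ValueError("plaintext must be exactly one page")
        self.versions[page] += 1
        version = self.versions[page]
        ciphertext = bytes(p ^ k for p, k in zip(plaintext, self._keystream(page, version)))
        self.tags[page] = self._tag(page, version, ciphertext)
        start = page * PAGE_SIZE
        self.external[start:start + PAGE_SIZE] = ciphertext

    def read_page(self, page: int) -> bytes:
        start = page * PAGE_SIZE
        ciphertext = bytes(self.external[start:start + PAGE_SIZE])
        expected = self._tag(page, self.versions[page], ciphertext)
        # Verify before decrypting; constant-time compare avoids a timing oracle.
        if self.tags[page] is None or not hmac.compare_digest(expected, self.tags[page]):
            raise TamperDetected(f"page {page}: integrity/freshness check failed")
        return bytes(c ^ k for c, k in zip(ciphertext, self._keystream(page, self.versions[page])))


# Constructed sample content: a secret that must never appear in the clear.
SECRET_PAGE = b"disk-encryption-key:" + b"\x11" * (PAGE_SIZE - 20)
OTHER_PAGE = b"B" * PAGE_SIZE


def _fresh() -> EncryptedMemory:
    return EncryptedMemory(os.urandom(32), num_pages=2)


def _read_fails(mem: EncryptedMemory, page: int) -> bool:
    try:
        mem.read_page(page)
    except TamperDetected:
        return True
    return False


def demo_roundtrip() -> bool:
    mem = _fresh()
    mem.write_page(0, SECRET_PAGE)
    return mem.read_page(0) == SECRET_PAGE


def demo_no_plaintext_in_external() -> bool:
    mem = _fresh()
    mem.write_page(0, SECRET_PAGE)
    return b"disk-encryption-key" not in bytes(mem.external)  # a memory scan sees ciphertext only


def demo_bit_flip_detected() -> bool:
    mem = _fresh()
    mem.write_page(0, SECRET_PAGE)
    mem.external[5] ^= 0x01                                    # attacker flips one bit
    return _read_fails(mem, 0)


def demo_replay_detected() -> bool:
    mem = _fresh()
    mem.write_page(0, SECRET_PAGE)
    old = bytes(mem.external[:PAGE_SIZE])                      # attacker snapshots the old ciphertext
    mem.write_page(0, OTHER_PAGE)
    mem.external[:PAGE_SIZE] = old                             # ... and restores it later
    return _read_fails(mem, 0)


def demo_swap_detected() -> bool:
    mem = _fresh()
    mem.write_page(0, SECRET_PAGE)
    mem.write_page(1, OTHER_PAGE)
    mem.external[:PAGE_SIZE], mem.external[PAGE_SIZE:] = (     # attacker swaps two valid pages
        mem.external[PAGE_SIZE:], mem.external[:PAGE_SIZE])
    return _read_fails(mem, 0)


if __name__ == "__main__":
    for fn in (demo_roundtrip, demo_no_plaintext_in_external, demo_bit_flip_detected,
               demo_replay_detected, demo_swap_detected):
        print(f"{fn.__name__}: {'ok' if fn() else 'FAILED'}")
```

Two design points carry over to any real implementation. The tag must bind the page address and a fresh version counter, not just the ciphertext; otherwise an attacker who cannot forge a tag can still replay an old page or move a valid page to a different address. And the tags and counters are themselves state that must not sit unprotected in external memory; on-chip memory is scarce, so production designs typically hash them into an integrity tree whose root alone stays on-chip. Every read then costs a MAC check plus decryption and every write a re-encryption plus tag update, which is the kind of overhead behind the roughly halved performance this section quotes.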

System-level complete protection

T6-m protects the entire system rather than selected components, so there is no need to configure which parts of the system need protection.

Transparent to trusted applications

T6-m is completely transparent to trusted applications: developers need not be aware of it, and existing trusted applications run on T6-m just as they do on T6.

HOW TO GET T6

We offer evaluation licenses and product licensing

For researchers and prototype-oriented assessments

We provide researchers with a flexible T6 SDK and a ready-to-use hardware platform to support research projects.

Contact Us

For OEM, ODM and app developers

For device manufacturers, service providers and enterprise users, we provide T6-based security solutions through project integration, and we can customize T6 solutions for our clients.

Contact Us


Common FAQs

What is TrustZone?

ARM TrustZone is a security extension of the ARM architecture designed to establish a hardware root of trust. Unlike a TPM, which is a fixed-function device with a predefined feature set, TrustZone is a more flexible way to host TPM-like trusted functionality on the main CPU.

The architecture divides hardware resources into two execution environments, the Normal World and the Secure World. A TrustZone-capable CPU carries a security state (the NS bit): in the non-secure state the CPU is running in the Normal World, in the secure state it is running in the Secure World. In both worlds the CPU offers a User mode for applications and privileged modes for the operating system. The difference is that TrustZone adds one further mode, Monitor mode, which always executes in the secure state and controls the switch between the two worlds. When the CPU needs to change world, it first enters Monitor mode, saves the context of the current world there, restores the context of the other world, and then switches.

A world switch is triggered in two ways. The more common one is execution of the Secure Monitor Call (SMC) instruction, which traps into Monitor mode so that it can move the CPU between the secure and normal state. The second is a hardware exception: interrupt requests (IRQ) and fast interrupt requests (FIQ) can be configured to trap to Monitor mode and switch worlds when they occur.

TrustZone is not limited to the CPU: the partitioning extends to the system bus, peripherals and memory controllers, so the memory, peripherals and interrupts of a mobile platform can each be assigned to one world. The hardware guarantees that software in the Normal World (the operating system included) cannot access resources allocated to the Secure World, while software in the Secure World can access the resources of both worlds and can repartition them dynamically.

What is SGX?

SGX stands for Intel Software Guard Extensions, a hardware extension to the Intel Architecture (IA) for enhancing software security. It does not try to identify and isolate every piece of malware on the platform. Instead, the security-critical part of a legitimate program is placed in an enclave, a protected region of memory that the CPU shields from the rest of the system. Software outside the enclave, whether privileged or unprivileged, cannot read or modify enclave memory: once code and data are inside an enclave, even the operating system and the hypervisor (VMM) cannot tamper with them. SGX does not, however, stop the OS from refusing to schedule an enclave, and it does not by itself close side channels; those remain the enclave developer's concern.

Why secure OS?

T6's trusted kernel makes full use of the security features of hardware architectures such as ARM TrustZone and Intel SGX to provide system-wide protection for applications and systems. Take mobile payment as an example: the malware present on many mobile phone operating systems makes our phones insecure. These complex operating systems have many security flaws, and attackers can exploit them to attack end-users, for example by stealing a user's payment password, tampering with payment transactions, or transferring money to an attacker's account. A TrustZone-based trusted kernel withstands such attacks by providing a system-wide hardware and software protection architecture.

What is the Global Platform TEE API?

GlobalPlatform is a cross-industry, non-profit association that develops and publishes technical standards for secure chips and trusted execution environments, so that multi-application secure environments can be deployed and managed interoperably. The GlobalPlatform TEE API has two parts. The TEE Client API gives applications running in the normal operating system (the Rich Execution Environment) a uniform interface for opening a session with a trusted application and invoking its commands. The TEE Internal API gives trusted applications running inside the TEE a uniform interface to the services of the secure OS, such as cryptography and secure storage.