Introduction to OP-TEE
This course covers the foundational concepts, architecture, and components of the Open Portable Trusted Execution Environment (OP-TEE), including TEE principles, compliance with GlobalPlatform standards, shared memory, cryptography, compatibility with ARM Trusted Firmware, and practical guidance on building and porting the system.
Description
This course covers the Open Portable Trusted Execution Environment (OP-TEE). It introduces the core concepts of a Trusted Execution Environment (TEE), an isolated environment that provides trusted services and a higher level of security than a Rich OS running in the Rich Execution Environment (REE). The course details the OP-TEE architecture, explaining the roles of components in the Normal World (like the optee_client library and tee-supplicant daemon) and the Secure World (the OP-TEE Trusted OS and Trusted Applications). It emphasizes compliance with GlobalPlatform TEE standards for APIs and design, addresses topics such as shared memory, cryptography (defaulting to LibTomCrypt), and compatibility with ARM Trusted Firmware (ARM-TF), and includes practical information on building, running, and debugging OP-TEE in environments like QEMU, along with guidelines for porting to a new platform.
Attributes
| Level: | Intermediate |
|---|---|
| Class type: | General |
| Time commitment: | 16h |
Topics Covered
- OP-TEE Architecture: How OP-TEE integrates with Rich Operating Systems in the Rich Execution Environment (REE) and with the Secure World.
- Trusted Applications (TAs): Development, structure, communication, and APIs for TAs.
- Secure Storage: Concepts and methods for secure data storage within OP-TEE.
- Arm TrustZone: The underlying technology providing hardware-enforced isolation for OP-TEE.
- OP-TEE Build Process: How to set up the build environment and compile OP-TEE from source.
Learning Outcomes
- Understanding of Trusted Execution Environments (TEEs): The core principles and purpose of TEEs like OP-TEE.
- Skills to develop Trusted Applications: How to create, build, and deploy TAs.
- Knowledge of OP-TEE internals: How OP-TEE components work and interact with each other.
- Ability to set up and build OP-TEE: Practical skills for working with the OP-TEE source code.
- Familiarity with Arm TrustZone: Basic concepts and implications of TrustZone technology for security.