RT Journal Article
T1 A survey on the (in)security of trusted execution environments
A1 Muñoz-Gallego, Antonio Jesús
A1 Ríos-del-Pozo, Rubén
A1 Román-Castro, Rodrigo
A1 López-Muñoz, Francisco Javier
K1 Seguridad informática
K1 Ordenadores - Medidas de seguridad
K1 Informática - Medidas de seguridad
AB As the number of security and privacy attacks continue to grow around the world, there is an ever increasing need to protect our personal devices. As a matter of fact, more and more manufactures are relying on Trusted Execution Environments (TEEs) to shield their devices. In particular, ARM TrustZone (TZ) is being widely used in numerous embedded devices, especially smartphones, and this technology is the basis for secure solutions both in industry and academia. However, as shown in this paper, TEE is not bullet-proof and it has been successfully attacked numerous times and in very different ways. To raise awareness among potential stakeholders interested in this technology, this paper provides an extensive analysis and categorization of existing vulnerabilities in TEEs and highlights the design flaws that led to them. The presented vulnerabilities, which are not only extracted from existing literature but also from publicly available exploits and databases, are accompanied by some effective countermeasures to reduce the likelihood of new attacks. The paper ends with some appealing challenges and open issues.
PB Elsevier
YR 2023
FD 2023
LK https://hdl.handle.net/10630/26340
UL https://hdl.handle.net/10630/26340
LA eng
NO Antonio Muñoz, Ruben Ríos, Rodrigo Román, Javier López, A survey on the (in)security of trusted execution environments, Computers & Security, Volume 129, 2023, 103180, ISSN 0167-4048, https://doi.org/10.1016/j.cose.2023.103180.
NO Funding for open access charge: Universidad de Málaga / CBUAThis work has been partially supported by the Spanish Ministry of Science and Innovation through the SecureEDGE project(PID2019-110565RB-I00), and by the by the Andalusian FEDER 2014–2020 Program through the SAVE project (PY18-3724).
DS RIUMA. Repositorio Institucional de la Universidad de Málaga
RD 19 ene 2026