2.4.6 Security

To build a system based on the Secure and Non-secure capabilities that ARM TrustZone® technology provides, you must consider the following security issues.

This section describes:

Security status of the internal programmers view

You can configure the programmers view of the CCI-550 for access by Secure or Non-secure requests.

With the exception of the PMU registers, the programmers view defaults to Secure access only, as follows:
  • Non-secure reads of Secure registers receive zeroed data.
  • Non-secure writes to Secure registers are Write-Ignored (WI).
There is no error response in either of these cases.
You can change the security model by writing to the Secure Access Register. This enables Non-secure access to all registers except the Control Override Register and the Secure Access Register. You can also make the PMU registers accessible to Secure requests only.
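The access rules above can be captured in a small software model for use in register-map reviews or test benches. This is an added example, not code from ARM or from the CCI-550 documentation: the MODEL_* bit positions, the register classes and the function names are hypothetical and do not reflect the hardware register layout, and placing the PMU restriction in the Secure Access Register is an assumption of the model.

```c
#include <stdbool.h>
#include <stdint.h>

/* Register classes named in the text above. */
enum reg_class { REG_CTRL_OVERRIDE, REG_SECURE_ACCESS, REG_PMU, REG_OTHER };

/* Hypothetical bit assignments for the model only; not the hardware layout. */
#define MODEL_NS_ACCESS       (1u << 0) /* enable Non-secure register access */
#define MODEL_PMU_SECURE_ONLY (1u << 1) /* restrict PMU to Secure requests  */

/* One word of storage per register class. */
struct cci_model { uint32_t regs[4]; };

/* prot1 mirrors ARPROT[1]/AWPROT[1]: false (LOW) = Secure request. */
static bool access_allowed(const struct cci_model *m, enum reg_class r,
                           bool prot1)
{
    uint32_t sar = m->regs[REG_SECURE_ACCESS];

    if (!prot1)
        return true;                    /* Secure requests always pass */
    switch (r) {
    case REG_CTRL_OVERRIDE:
    case REG_SECURE_ACCESS:
        return false;                   /* never opened to Non-secure */
    case REG_PMU:                       /* Non-secure allowed by default */
        return (sar & MODEL_PMU_SECURE_ONLY) == 0;
    default:                            /* Secure-only by default */
        return (sar & MODEL_NS_ACCESS) != 0;
    }
}

/* A denied read returns zeroed data; no error response signals the denial. */
uint32_t cci_read(const struct cci_model *m, enum reg_class r, bool prot1)
{
    return access_allowed(m, r, prot1) ? m->regs[r] : 0;
}

/* A denied write is Write-Ignored (WI), again with no error response. */
void cci_write(struct cci_model *m, enum reg_class r, bool prot1, uint32_t v)
{
    if (access_allowed(m, r, prot1))
        m->regs[r] = v;
}
```

Because a denied read is indistinguishable from a register that holds zero, Non-secure software cannot tell from a read alone whether access was refused.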

Making a non-TrustZone aware master Secure

For a master that is not TrustZone-aware, you can tie the ARPROT[1] and AWPROT[1] input signals LOW to place it permanently in the Secure domain. This means that the master can access Secure data in the caches of the ACE masters and Secure registers in the CCI-550, so the resulting system might not be secure under all circumstances.

Security of master interfaces

Transactions from the CCI-550 master interfaces always retain the security setting of the originating transactions.

The security settings of the originating transactions apply to:
  • Non-shareable transactions.
  • Shareable transactions that miss in the snoop filter or receive a snoop miss response.
  • Writes generated by the CCI-550.

Security considerations for the PMU

You can configure the PMU to count only Non-secure events or both Secure and Non-secure events, depending on the SPNIDEN, SPIDEN and DBGEN input signals.

If you configure the PMU to count both Secure and Non-secure events, then there is a potential security risk because Non-secure software can observe Secure activity through the performance counters. ARM recommends that you consider the security to be breached for devices placed in this state and take appropriate action.
If the PMU changes from counting all events to counting only Non-secure events, the counters can contain information relating to Secure transactions. Therefore, ARM recommends that the software sets the event counters to zero after changing the configuration to avoid a potential security risk.

Note

Unlike ARM processors, the CCI-550 makes no distinction between events from user or privileged transactions.

Support for TrustZone Media Protection

In systems that require hardware protection of media data, you can configure the CCI-550 to support ARM TZMP1.

To differentiate between Protected and Non-Trusted entities, ARM defines 16 states that mark all processes within hardware and software. These states are defined using the Non-secure Access ID (NSAID), and each initiating device in the SoC has one or more NSAID values assigned in hardware. The NSAID enables other components to identify the initiating device for a particular transaction, and to identify whether the device is treated as Non-protected and therefore permitted to read data from other Non-protected masters.
Non-Confidential ARM 100282_0100_00_en
Copyright © 2015, 2016 ARM. All rights reserved.