Amazon Web Services has released a preconfigured FreeRTOS example for Armv8-M and the NXP LPCXpresso55S69 board. With the addition of board- and device-specific examples, it is even easier to start and use the Arm® TrustZone® features combined with MPU (Memory Protection Unit) on the NXP LPC55xx MCU.
LPCXpresso55S69 Board
The LPCXpresso55S69 is an ideal development board for evaluating the Arm Cortex®-M33 architecture and security features. The core platform features two Arm Cortex-M33 cores running up to 100 MHz.
LPC55X6x Block Diagram
FreeRTOS is the de facto real-time operating system for small and low-power devices. Since 2017, FreeRTOS has been an AWS open source project. AWS has released a FreeRTOS port to support Arm Cortex-M33 devices: AWS Makes It Easier for Embedded Developers to Build IoT Applications with Additional Preconfigured ...
The Arm TrustZone approach divides the system into a 'secure/trusted' and an 'unsecure/not-trusted' world. This makes it possible to effectively protect sensitive code and data, such as secure bootloaders, key and encryption management and trusted applications, on the 'secure' side, while running other functionality (for example third-party applications or middleware) at a lesser security level.
FreeRTOS with NXP MCUXpresso IDE and SDK
FreeRTOS can be configured at compile time to run either on the secure side or on the non-secure side. When FreeRTOS is run on the non-secure side, the tasks (or threads) can call secure-side trusted functions that, in turn, can call back to non-secure functions, all without breaching the kernel’s prioritized scheduling policy. That flexibility makes it possible for application writers to create non-secure FreeRTOS tasks that interact with trusted secure-side firmware.
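As an added illustration of the call path described above (not code from the FreeRTOS release or the NXP SDK), here is a secure-side function that a non-secure task could call, checking the caller's pointer before it touches it. The names secure_tag, device_key, ns_ram and ucMessage are hypothetical, and the host fallback exists only so the logic can be compiled off-target.

```c
#include <stddef.h>
#include <stdint.h>

#if defined(__ARM_FEATURE_CMSE) && (__ARM_FEATURE_CMSE == 3)
/* Secure-side build (-mcmse): use the real CMSE attribute and intrinsic. */
#include <arm_cmse.h>
#define SECURE_ENTRY __attribute__((cmse_nonsecure_entry))
static int ns_readable(const void *p, size_t n) {
    return cmse_check_address_range((void *)p, n,
                                    CMSE_NONSECURE | CMSE_MPU_READ) != NULL;
}
#else
/* Host stand-in (constructed): ns_ram plays the part of non-secure SRAM. */
#define SECURE_ENTRY
static uint8_t ns_ram[64];
static int ns_readable(const void *p, size_t n) {
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)ns_ram;
    return a >= lo && n <= sizeof ns_ram && a - lo <= sizeof ns_ram - n;
}
#endif

/* Secret that must stay on the secure side (constructed value). */
static const uint8_t device_key[4] = { 0x11, 0x22, 0x33, 0x44 };

/* Hypothetical trusted function exported to non-secure FreeRTOS tasks.
 * Returns a toy keyed checksum, or -1 if the caller's buffer is not
 * entirely non-secure readable memory. Without the check, a non-secure
 * caller could pass a secure address and have this code read it for it. */
SECURE_ENTRY int32_t secure_tag(const uint8_t *buf, uint32_t len) {
    int32_t tag = 0;
    if (len == 0 || len > 1024 || !ns_readable(buf, len))
        return -1;
    for (uint32_t i = 0; i < len; i++)
        tag += buf[i] ^ device_key[i % 4];
    return tag;
}

/* Non-secure side (separate image, shown as a comment): a task allocates
 * a secure context before its first call into secure code.
 *
 *   static void prvTask(void *pvParameters) {
 *       portALLOCATE_SECURE_CONTEXT(configMINIMAL_SECURE_STACK_SIZE);
 *       int32_t tag = secure_tag(ucMessage, sizeof ucMessage);
 *   }
 */
#ifndef __ARM_FEATURE_CMSE
int main(void) { return secure_tag(ns_ram, 16) == 680 ? 0 : 1; }
#endif
```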
Setting up security adds some extra complexity, and having these examples available in the FreeRTOS mainline release will help you add security and TrustZone features to your next LPC55xx MCU design.
Happy Securing!