Open Platform Trusted Execution Environment (OP-TEE)
This is the development repo (open-platform-trusted-exe-environment) for the ARTIK 530 trusted execution applications. It relies on these repos to provide the OP-TEE port to ARTIK 530:
- Manifest for ARTIK530 OP-TEE environment
- Port of ARTIK530 to OPTEE OS
- Build instructions and make files for OP-TEE on ARTIK530
- Generate the OP-TEE rootfs for ARTIK530
Some examples are supplied by the CTO proof of concept, and these can be used as a starting point for the Truseted Agent design - but note that the SDK interface is very different from when these examples were created.
The OPTEE porting guidelines were followed for the ARTIK port.
Reflashing ARTIK 520 and ARTIK 530
Easiest to download images from the Samsung ARTIK downloads and transfer to SD card using eg Etcher. The ARTIK board has to be advised to boot from the SD card, otherwise it is regarded as plain old memory, so use these switches ON for SD card boot, OFF for on-board memory boot:
- ARTIK 520 - switch SW2 position 1
- ARTIK 530 / 530S - switch SW102 position 4
Recovering a bricked ARTIK
It has happened to all of us - our latest rootfs / kernel / TEE image looked so great until we reflashed and tried to run it ... and then we get an unresponsive board. Reflashing the board will get us out of this hole, so long as we use known good SD card images such as Samsung ARTIK downloads.
Here be Dragons: the reflashing requires a working ROM Bootloader -> BL1 Bootloader -> U-Boot chain to work. If any of these are broken (well, OK, the ROM bootloader is never broken) then we can not reflash the board using the SD card. This may result in a bricked board that needs a JTAG prgrammer to recover it. Detail of JTAG programming the boot area is TBD.