Introduction

The Kunpeng BoostKit for Confidential Computing TrustZone Kit is an Arm TrustZone–based software kit, including the Huawei-developed trusted execution environment (TEE) secure OS iTrustee, iBMC and BIOS of the Kunpeng server, and open source OS driver and SDK. It helps to build confidential computing solutions and aims to provide integrity, confidentiality protection, and trusted use for your key data.

The TrustZone kit is not a mandatory component of Kunpeng servers. If you need the TrustZone it, specify that you want the TEE function when purchasing a Kunpeng server. A Kunpeng server with the TEE function comes preconfigured with the TrustZone kit.

Based on TrustZone, iTrustee offer a complete security solution, including a client application (CA) in normal mode, a trusted application (TA) in secure mode, and a trusted OS in secure mode.

This document describes:

• Features provided by TrustZone.
• How to use these features on Kunpeng servers on which TrustZone is enabled.