...
When hardware has support for isolation. TrustZone, but also other.
ARM input on this? Lots of ARM updates in the pipe... timing (can become obsolete quickly)
Describe at least High-level understanding.
- OS isolation
- GPU OS isolation
- IOMMU (IPMMU) OS isolation
- Bus Master / IP / Memory access isolation
- Independent security and safety groups control access of IP on bus and memory protection
- Multi-level security isolation outside of common IP such as TrustZone
- e.g. Implementation in real time cores
- Lifecycle Management
- e.g. control of security at different stages of its life
System-level quality of service. Future Some architectures can guarantee QoS on internal interconnects and caches, etc. (what else?) controlled by VM configuration or h/w controls.
...