optee

OP-TEE, short for Open Portable Trusted Execution Environment, is an open-source TEE implementation designed for ARM TrustZone-enabled systems. It provides a secure execution environment outside the normal operating system, allowing trusted applications to run in isolation and protect sensitive data such as cryptographic keys, credentials, and biometric templates from potentially compromised software.

It comprises two execution worlds: the non-secure world, where the regular operating system runs, and the secure

Key capabilities include secure storage, cryptographic operations, attestation, and access to trusted peripherals. It provides a

OP-TEE is maintained as an open-source project by Linaro and contributors, with components such as optee-os

OP-TEE is used to implement secure storage, key management, code attestation, and other security services in