Architecture 21 User Guide — Qoriq Trust

The central hardware unit governing security policy enforcement.

NXP provides the Code Signing Tool (CST) utility to generate the necessary RSA key pairs and formatting scripts.

The architecture operates a deterministic security state machine moving through states like Check , Non-Secure , Secure , and Fail .

If the verification fails, the processor immediately enters a Fail State , halting execution and triggering configured security actions (such as asserting a failure pin or wiping keys). Implementing Trust Architecture 2.1: Step-by-Step qoriq trust architecture 21 user guide

The reads internal fuse values immediately upon power-on.

The Qoriq Trust Architecture 21 is a comprehensive security framework developed to address the growing need for secure and trustworthy systems. QTA21 provides a modular and scalable design, allowing users to build secure systems that meet the evolving demands of modern applications. This architecture is built around the concept of trust, which is established through a rigorous evaluation of system components and their interactions.

Verifies that code originates from an authorized manufacturer. If the verification fails, the processor immediately enters

What are you using (e.g., Yocto Project Linux, U-Boot, ARM Trusted Firmware)?

Ultimate Guide to NXP QorIQ Trust Architecture 2.1: Securing Embedded Systems

QTA-21 is a hardware-enhanced security framework integrated into NXP’s Qoriq processors. It combines firmware and silicon-level protections to create a Trusted Execution Environment (TEE), shielding sensitive operations from malicious attacks. Key attributes include: QTA21 provides a modular and scalable design, allowing

: Continuously monitors the system during operation to detect unauthorized modifications to code or configuration data.

: Because it cannot be modified by software, it serves as the uncompromisable Immutable Root of Trust (RoT). 2. One-Time Programmable (OTP) Fuses