Current ARM TrustZone-based Trusted Execution Environments (TEEs) lack fine-grained, runtime integrity monitoring, rendering them vulnerable to persistent attacks. This paper proposes PDRIMA—a policy-driven dynamic measurement and remote attestation mechanism—that systematically characterizes the TEE runtime attack surface for the first time. PDRIMA comprises two tightly integrated subsystems: a Security Monitoring Agent (SMA) and a Remote Attestation Agent (RAA). The SMA enables periodic re-measurement of the TEE kernel, user applications, and critical system calls, along with tamper-resistant log aggregation; the RAA generates cryptographically verifiable integrity proofs. Implemented on OP-TEE running on Raspberry Pi 3B+, the prototype demonstrates high detection accuracy against diverse TEE integrity violations while incurring an average performance overhead of less than 8.2%, confirming its suitability for resource-constrained IoT devices.

Trusted Execution Environments (TEEs) such as ARM TrustZone are widely used in IoT and embedded devices to protect sensitive code and data. However, most existing defenses focus on secure boot or REE-side monitoring and provide little visibility into the runtime integrity of the TEE. This leaves TrustZone-based devices exposed to persistent TEE compromises. We propose Policy-Driven Runtime Integrity Measurement and Attestation (PDRIMA), a runtime integrity protection approach for TrustZone-based TEEs. PDRIMA systematically analyzes TEE attack surfaces and introduces two in-TEE subsystems: a Secure Monitor Agent (SMA) that performs policy-driven measurement, appraisal, logging, and time-based re-measurement over the TEE kernel, static components, user-TAs, and security-critical system calls; and a Remote Attestation Agent (RAA) that aggregates tamper-evident evidence and exposes a remote attestation protocol for verifying. We analyze PDRIMA's security against identified attack surfaces, implement a prototype on OP-TEE for Raspberry Pi 3B+, and evaluate its performance overhead to indicate its practicability.