# Features

Qualcomm TEE enhances the security features and their extensions. It
offers interfaces that allow the extension of the security feature set
through the trusted applications. Certain features are integrated into
the hardware-supported TrustZone architecture, providing a system
security configuration. These features can be further customized to meet
specific requirements.

For information on the Qualcomm TEE and secure components, see [Qualcomm TEE](https://docs.qualcomm.com/doc/80-70017-11/topic/qualcomm-trusted-execution-environment.html#qualcomm-trusted-execution-environment) and [Architecture](https://docs.qualcomm.com/doc/80-70017-11/topic/architecture.html#architecture).

*Unlock the full potential of Secure Boot technology on Qualcommdevices in this comprehensive tutorial. From generating cryptographickeys to programming hardware fuses and managing secure boot status, thisvideo covers every step in detail. Ideal for users aiming to enhancedevice security through authenticated boot processes. Learn how to useQualcomm tools effectively to ensure your device boots securely everytime.*

<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewbox="0 0 640 400" width="640" height="400" style="cursor:auto !important" aria-label="../../_images/video1-features-qualcomm-security-processor-foundations.svg">
    <defs>
      <style>@import url("https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&amp;display=swap");
.svg-1 .bg-fill { fill: var(--color-background) }
.svg-1 .fill-text { color: var(--color-content); fill: var(--color-content) }
.svg-1 .video-hoverbox { transition: opacity 0.15s ease-in-out }
.svg-1 .video-hoverbox:hover { opacity: 0.9 }</style>
  </defs>

  <foreignobject x="0" y="0" width="640" height="400">
    <body xmlns="http://www.w3.org/1999/xhtml">
        <iframe width="640" height="400" src="https://players.brightcove.net/1414329538001/BJv5wEFt_default/index.html?videoId=6358216194112" allowfullscreen="" allow="encrypted-media"></iframe>
    <div class='topic-detail'><div class='topic-updated-date'><span> Last Published: </span>Jan 30, 2025</div><div class='prev-and-next-links'></div></div></body>
    </foreignobject>
</svg>

*Learn how to use Qualcomm Type 1 Hypervisor and Trusted ExecutionEnvironment in this comprehensive tutorial. Dive deep into platformvirtualization, secure communication, and the extensive securityfeatures offered by Qualcomm. Learn how to develop secure applicationsusing Qualcomm tools and APIs, and understand the critical security usecases and compliance standards that Qualcomm supports. Perfect for usersaiming to enhance device security and functionality.*

<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewbox="0 0 640 400" width="640" height="400" style="cursor:auto !important" aria-label="../../_images/video2-features-tee-and-chipset-services.svg">
    <defs>
      <style>@import url("https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,100..1000&amp;display=swap");
.svg-2 .bg-fill { fill: var(--color-background) }
.svg-2 .fill-text { color: var(--color-content); fill: var(--color-content) }
.svg-2 .video-hoverbox { transition: opacity 0.15s ease-in-out }
.svg-2 .video-hoverbox:hover { opacity: 0.9 }</style>
  </defs>

  <foreignobject x="0" y="0" width="640" height="400">
    <body xmlns="http://www.w3.org/1999/xhtml">
        <iframe width="640" height="400" src="https://players.brightcove.net/1414329538001/BJv5wEFt_default/index.html?videoId=6358216309112" allowfullscreen="" allow="encrypted-media"></iframe>
    <div class='topic-detail'><div class='topic-updated-date'><span> Last Published: </span>Jan 30, 2025</div><div class='prev-and-next-links'></div></div></body>
    </foreignobject>
</svg>

Note

The information related to features in this guide is descriptive and intended for your understanding. For any configurations or customizations, see [Configure](https://docs.qualcomm.com/doc/80-70017-11/topic/configure.html#configure) and [Customize](https://docs.qualcomm.com/doc/80-70017-11/topic/customize.html#customize).

- [Cryptography](https://docs.qualcomm.com/doc/80-70017-11/topic/crypto-core.html)
Qualcomm Linux Security offering includes support for both hardware and
software-based cryptography.
- [Key management](https://docs.qualcomm.com/doc/80-70017-11/topic/key-management.html)
The Qualcomm Linux Security solution supports the public-key cryptography standards by implementing the PKCS#11 APIs. This feature allows applications to use keys and certificates in a platform-independent manner.
- [Secure boot](https://docs.qualcomm.com/doc/80-70017-11/topic/secure-boot.html)
Secure boot is the boot up sequence that establishes a trusted platform
for the entire software stack.
- [Storage security](https://docs.qualcomm.com/doc/80-70017-11/topic/secure-file-system.html)
The secure file system (SFS) is used to store sensitive data, such as
keys and biometric data.
- [Storage encryption](https://docs.qualcomm.com/doc/80-70017-11/topic/file-based-encryption.html)
Storage encryption enhances security by supporting the transparent
encryption of files and directories.
- [SMC invoke](https://docs.qualcomm.com/doc/80-70017-11/topic/smcinvoke.html)
The secure monitor call (SMC) invoke is used to expose the services and
interfaces implemented in Qualcomm TEE to Linux clients. It provides
identification information about the requesting processes to Qualcomm TEE.
- [Access control](https://docs.qualcomm.com/doc/80-70017-11/topic/access-control.html)
The access control trust model ensures ongoing security and manages
access control configurations among assets, interfaces, SoC components,
and images.
- [Secure peripheral image loading](https://docs.qualcomm.com/doc/80-70017-11/topic/secure-peripheral-image-loading.html)
The secure peripheral image loading (PIL) of a TrustZone authenticates
different images and configures the xPUs for all subsystems such as
audio, camera, and video.
- [SELinux](https://docs.qualcomm.com/doc/80-70017-11/topic/selinux.html)
SELinux is a security enhancement for Linux, providing greater control
over system access. It implements mandatory access control (MAC) in the
Linux kernel using the Linux security modules (LSM) framework.
- [Qualcomm TEE](https://docs.qualcomm.com/doc/80-70017-11/topic/qualcomm-trusted-execution-environment.html)
Qualcomm TEE is the software that operates within the Arm TrustZone
environment on the Qualcomm device.
- [Qualcomm Hypervisor](https://docs.qualcomm.com/doc/80-70017-11/topic/hypervisor.html)
The Qualcomm Hypervisor provides a modern virtualization framework that allows multiple operating systems to run independently and concurrently, delivering high performance.
- [Qualcomm WES](https://docs.qualcomm.com/doc/80-70017-11/topic/qwes.html)
Qualcomm WES is a suite of trusted services, rooted in hardware, which
securely connects and manages devices.
- [Security hardening](https://docs.qualcomm.com/doc/80-70017-11/topic/security-hardening.html)
Security hardening is a process that minimizes the risk of system
attacks by making it more challenging for attackers to exploit the
system vulnerabilities.

Last Published: Jan 30, 2025

[Previous Topic
Getting started](https://docs.qualcomm.com/bundle/publicresource/80-70017-11/topics/get-started.md) [Next Topic
Cryptography](https://docs.qualcomm.com/bundle/publicresource/80-70017-11/topics/crypto-core.md)