Andes Technology Expands Comprehensive AndeSentry™ Security Suite with Complete Trusted Execution Environment Support for Embedded Systems

Includes IOPMP, Secure Boot, MCU-TEE for RTOS, and OP-TEE for Linux to Protect Devices from MCUs to Edge AI Processors

Hsinchu, Taiwan – October 6th, 2025 – Andes Technology Corporation, the leading supplier of high-efficiency, low-power 32/64-bit RISC-V processor cores, today announced the latest AndeSentry™ Framework with two new components, Secure Boot v1.0.1 and MCU-TEE v1.0, designed to enable full Trusted Execution Environments (TEE) across its RISC-V processor IP lineup. The solution combines advanced hardware protections with proven industry-standard software components to protect assets, ensure system integrity, and accelerate secure system development for applications spanning IoT, automotive, industrial, and edge AI.

AndeSentry™ Framework is a collaborative security suite that integrates Andes’ in-house solutions with partner technologies. This approach provides robust solutions to meet diverse customer needs. The comprehensive TEE packages in the AndeSentry™ suite include:

• RISC-V I/O Physical Memory Protection (IOPMP) – Extends memory protection beyond the CPU to the I/O subsystem, acting as a hardware firewall at the system level. Enforces fine-grained access control between cores and memory-mapped peripherals, preventing unauthorized or malicious access attempts. When used with Physical Memory Protection (PMP), IOPMP enables robust partitioning of secure and non-secure resources—critical for isolating sensitive code and data in TEEs.
• Secure Boot – Establishes the root of trust for the device by verifying the integrity and authenticity of the initial boot code stored in non-volatile memory using cryptographic signatures. Each subsequent stage is validated before execution, maintaining the chain of trust through the entire boot sequence and protecting against unauthorized firmware modifications.
• MCU-TEE Secure Monitor – Delivers lightweight TEE capabilities for single-hart RISC-V MCUs operating in M+U mode. Utilizes PMP/Enhanced PMP (ePMP) to enforce zone-based memory isolation, supporting up to eight independent execution zones, each with its own Zone SDK. Optimized for bare-metal and RTOS environments, MCU-TEE boosts security without compromising real-time performance or adding excessive overhead.
• OP-TEE Support – Provides full integration with the widely used OP-TEE secure monitor for Linux-based systems. Developers can build and deploy trusted applications that remain securely isolated by hardware, using the standardized GlobalPlatform TEE API for interoperability and ease of development.

Development tools, SDKs, and reference designs are included to reduce integration effort and speed time-to-market.

“As embedded systems grow more connected and security threats intensify, hardware-only protection is not enough.” said Dr. Charlie Su, President and CTO of Andes Technology. “The upgrade of AndeSentry™ security suite provides a complete hardware and software solution for Trusted Execution Environment. It protects user data and ensures system integrity on any device, from microcontrollers to edge AI processors, and meeting the toughest security and certification requirements.”

About Andes Technology

As a Founding Premier member of RISC-V International and a leader in commercial CPU IP, Andes Technology  (TWSE: 6533; SIN: US03420C2089; ISIN: US03420C1099)  is driving the global adoption of RISC-V. Andes’ extensive RISC-V Processor IP portfolio spans from ultra-efficient 32-bit CPUs to high-performance 64-bit Out-of-Order multiprocessor coherent clusters. With advanced vector processing, DSP capabilities, the powerful Andes Automated Custom Extension (ACE) framework, end-to-end AI hardware/software stack, ISO 26262 certification with full compliance, and a robust software ecosystem, Andes unlocks the full potential of RISC-V, empowering customers to accelerate innovation across AI, automotive, communications, consumer electronics, data centers, and mobile devices. Over 17 billion Andes-powered SoCs are driving innovations globally. Discover more at https://www.andestech.com