Research Article

TEE-Watchdog: Mitigating Unauthorized Activities within Trusted Execution Environments in ARM-Based Low-Power IoT Devices

Figure 3

This figure shows TEE-Watchdog’s high-level architecture and processes in the secure world of a TrustZone-enabled IoT device. (1) An IoT vendor supplies a signed manifest file along with a peripheral/sensor; the manifest contains the access requirements for each secure peripheral in the IoT device. (2) TEE-Watchdog’s Security Manager parses the manifest file and generates an access table from it at system boot. (3) When secure software becomes active, the Security Manager configures secure peripherals according to the permissions specified in the access table. (4) If and when secure software tries to access a peripheral beyond its access permissions, TEE-Watchdog’s Security Manager fetches all information regarding the access violation and logs the event in the log file in trusted storage. (5) The log file can then be sent to an external auditor, used in training intrusion detection systems, or simply used to report the misbehaving software.
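The decision logic of steps (2) to (4), modelled in software as an added sketch; it is not code from the paper or from TEE-Watchdog, which enforces permissions by configuring the secure peripherals themselves. The struct layout, numeric IDs, permission bits and log size are assumptions, and the manifest signature from step (1) is assumed to have been verified before `build_access_table` is called.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical model: all names, IDs and sizes below are assumptions. */
enum { PERM_NONE = 0, PERM_READ = 1, PERM_WRITE = 2 };
#define MAX_ENTRIES 16
#define MAX_LOG 8

struct access_entry { uint32_t sw_id, periph_id; uint8_t perms; };
struct violation    { uint32_t sw_id, periph_id; uint8_t requested; };

static struct access_entry table[MAX_ENTRIES];
static struct violation vlog[MAX_LOG];   /* stands in for the trusted-storage log */
static size_t table_len, vlog_len, vlog_dropped;

/* Constructed sample: software 1 may read peripheral 10 and read/write 11. */
static const struct access_entry SAMPLE_MANIFEST[] = {
    { 1, 10, PERM_READ }, { 1, 11, PERM_READ | PERM_WRITE },
};

/* Step 2: build the access table from already-verified manifest entries.
 * Fails closed: a rejected manifest leaves an empty table (deny everything). */
int build_access_table(const struct access_entry *m, size_t n) {
    table_len = vlog_len = vlog_dropped = 0;
    if ((m == NULL && n > 0) || n > MAX_ENTRIES) return -1;
    for (size_t i = 0; i < n; i++)
        if (m[i].perms & ~(PERM_READ | PERM_WRITE)) return -1; /* unknown bits */
    if (n > 0) memcpy(table, m, n * sizeof *m);
    table_len = n;
    return 0;
}

/* Steps 3-4: default-deny check; every denied request is recorded. */
int check_access(uint32_t sw_id, uint32_t periph_id, uint8_t requested) {
    uint8_t granted = PERM_NONE;
    for (size_t i = 0; i < table_len; i++)
        if (table[i].sw_id == sw_id && table[i].periph_id == periph_id)
            granted |= table[i].perms;
    if (requested != PERM_NONE && (requested & ~granted) == 0) return 1;
    if (vlog_len < MAX_LOG)
        vlog[vlog_len++] = (struct violation){ sw_id, periph_id, requested };
    else
        vlog_dropped++;   /* keep evidence loss visible to the auditor */
    return 0;
}

size_t violation_count(void) { return vlog_len; }
```
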