"And what of Trustonic's TEE? Unlike QSEE's model, trustlets are unable to map-in and modify physical memory. In fact, the security model used by Trustonic ensures that trustlets aren't capable of doing much at all. Instead, in order to perform any meaningful operation, trustlets must send a request to the appropriate “driver”. This design is conducive to security, as it essentially forces attackers to either compromise the drivers themselves, or find a way to leverage their provided APIs for nefarious means. Moreover, as there aren't as many drivers as there are trustlets, it would appear that auditing all the drivers in the TEE is indeed feasible. "