Abstract: We propose a secure scheme for trusted code execution on mobile embedded devices based on the idea of program whitelist, which is focus on the application scenarios with strong security requirements and fixed calculation functions, such as industrial 4.0 and “bring your own device”. We leverage the trusted execution environment provided by ARM Trustzone and the virtual memory protection mechanism of ARM to build an enclave in the OS kernels address space, which cannot be tampered by the untrusted OS kernel itself. Some monitor functions are placed in the enclave to provide integrity protection for executable files, runtime code and runtime control flow of trusted processes, ensuring that only authorized code complying with the whitelist strategy can be executed on target devices. The sheme also enhances the security for communications between the target devices and the center control server by building secure shared memory areas between communication client processes and Trustzone secure world, and by building a trusted timer interrupt source in Trustzone secure world. Secure protocols for whitelist update and platform status attestation are proposed based on these security enhancements. We implement the prototype system on real Trustzone-enable hardware devices. The experimental results show that our scheme achieves ideal usability, security and efficiency.