With　the　rapid　development　of　computer　and　communication　technology,　embedded　systems　are　widely　used　in　smart　devices.　The　increasing　connectivity　of　these　systems　and　the　difficulties　in　providing　comprehensive　security　have　made　such　devices　vulnerable　to　malicious　attacks.　Passive　defense　technologies　and　traffic-based　intrusion　detection　technologies　are　not　fully　effective　against　such　attacks.　Trusted　execution　environment　(TEE)　technology　can　ensure　system　security　against　unknown　attacks　to　some　extent.　Most　researchers　use　TrustZone　to　implement　TEE.　However,　the　problem　is　that　the　API　interface　of　the　TEE　module　which　provides　the　service　is　not　secure.　Therefore,　to　actively　defend　against　attacks,　we　developed　a　trusted　computing　active　measurement　architecture　based　on　TrustZone.　To　overcome　the　serious　problem　that　modules　in　the　trusted　execution　environment　need　to　be　passively　invoked　to　provide　services,　we　have　proposed　an　active　measurement　closed-loop　immune　mechanism.　To　reduce　the　trusted　computing　base　and　reduce　the　performance　overhead,　we　removed　certain　functional　modules　from　the　trusted　execution　environment.　In　addition,　based　on　this　architecture,　we　developed　a　trust　chain　and　dynamic　measurement　method　to　ensure　the　security　of　the　target　applications.　We　changed　the　traditional　attack　response　method,　which　requires　the　entire　system　to　be　restarted　after　an　attack,　by　developing　a　fallback　mechanism　that　is　more　suitable　for　the　system.　Finally,　we　verified　the　effectiveness　of　the　architecture　by　developing　an　attack　model.　Performance　testing　and　analysis　showed　that　the　architecture　reduced　the　impact　of　the　security　mechanisms　on　the　system.　In　the　future,　we　will　extend　our　research　to　more　fine-grained　measurements.　©　2023　Xiaoqing　Liu　et　al.