TIMA PKM (Periodic Kernel Measurement ) performs continuous periodic monitoring of the kernel to detect if legitimate kernel code and data have been modified by malicious software. TIMA PKM also monitors key SE for Android data structures in the OS kernel memory to prevent malicious attacks from corrupting them and potentially disabling SE for Android.

TIMA RKP (Real time kernel protection) performs ongoing, strategically-placed real-time monitoring of the operating system from within TrustZone to prevent tampering of the kernel. TIMA RKP intercepts critical events happening inside the kernel, which are inspected in TrustZone. Also, if an event is determined to have impact on the integrity of the OS kernel, TIMA RKP either stops the event, or logs an attestation verdict that tampering is suspected, which is sent to the MDM. This protects against malicious modifications and injections to kernel code, including those that coerce the kernel into corrupting its own data.

TIMA RKP monitors code of kernel and memory events, and catches any malicious activity in real time whereas TIMA PKM periodic checks the kernel checksum. TIMA PKM also checks kernel modules whenever they are loaded.