If my understanding of the attached is correct then the RTOS is treated as trusted code and runs privileged, and the advice is to run all application code unprivileged - which is of course sound advice. You can then have an immutable bootloader check the signature of the application executable, as per our OTA examples, to ensure you are booting a genuine and un-tampered copy of the firmware, and as per our previous conversation above, use the MPU to ensure memory access is restricted and that a bad actor cannot execute code from RAM, plus use secure elements/enclaves to hide any secret information such as encryption keys from the application code or an attacker. All that gives the groundwork for the security of the system - but security in layers is always good so we then look further and consider that unexpected code (which could be malicious, or in a third party library, or simply a bug in the application code) is executing and we want to prevent that from making a call to the secure side - or indeed go further and restrict access to certain RTOS API functions.
Putting in place binary restrictions as in if code is executing privileged then it can make restricted calls, and if unprivileged it can’t, is the simplest thing as you can query the hardware to determine that.
To go further, and as per our discussions here, and your post above, tasks need to be assigned an un-spoofable and query-able identity. If we trust the boot sequence where identities are assigned, and the memory protection to prevent access to kernel memory, then that identity can be stored in the task control block and queried from the secure side - or the secure side could be given a list of authorised tasks as part of the boot sequence. Alternatively statically allocated tasks that are authorised to make secure calls can be placed in a memory segment specifically marked as having the rights to access the secure side, extending slightly the scheme we used today to place priviliged code in specially marked memory regions (by using linker variables).
Did I capture everything here?