In an Arm TrustZone based Trusted Application (TA), how can a remote party tie an output to a particular TA?

I’ve been looking at the following figure which shows, with Arm TrustZone architecture, resources of a system can be divided into a Rich Execution Environment (REE) and a Trusted Execution Environment (TEE).

enter image description here

Here I’m trying to understand the following: Suppose a remote party wants a particular trusted application (TA) running in TEE to do some computation on his input. How can this remote party be ensured that the computation is actually done by the correct TA ?