Optimized Trusted Execution Environments for FPGAs with Enhanced Security
Web Published: 11/29/2022
Systems and methods for creating a custom trusted execution environment (TEE) for FPGAs with isolated memory and cache in order to protect keys against side-channel attacks.
FPGAs are widely used in high-security industries, yet they are particularly vulnerable to side-channel attacks. Intel SGX and Arm TrustZone are two existing hardware TEE solutions; this technology provides additional security features that neither offers. Existing TEEs time-share a processor core with the Rich Execution Environment (REE), which makes execution less efficient and leaves the TEE exposed to side-channel attacks through the shared core and its caches.
BYOTEE (Build Your Own Trusted Execution Environments) is an infrastructure for building multiple, equally secure TEEs on commodity System-on-Chip (SoC) Field Programmable Gate Array (FPGA) devices. The systems and methods provide physically isolated execution environments on demand, which even hardware debuggers and DMA-capable devices cannot access. In this design, the TEEs share no cache and have separate memory regions; all hardware resources belonging to a TEE are physically isolated from the REE.
- Increased security for keys in FPGAs.
- Applicable to high-security industries such as banking and military, where FPGAs are commonly deployed.
Provisional patent 63/423,642 filed 11/8/2022.
TRL 6
Available for license or collaboration.