An seL4-based Trusted Execution Environment on RISC-V


In an era where digital security is paramount, the concept of Trusted Execution Environments (TEEs) is crucial for safeguarding sensitive data within computing systems. This paper introduces an implementation of seL4 as a secure operating system in a TEE on RISC-V hardware. We address integration challenges, offering insights for future secure system designs. A comprehensive performance evaluation of the seL4-based TEE shows enhanced security and operational efficiency. This includes assessments of the Linux Rich Execution Environment’s (REE) performance and analyses of essential TEE services as Random Number Generation, Key Pair Generation, and Digital Signing Operations. Our deployment on the PolarFire SoC Icicle kit demonstrates practicality and viability in a real-world environment. This research contributes to trusted computing area by merging seL4’s robust microkernel architecture with RISC-V’s open-source flexibility, fostering secure, efficient, and adaptable computing solutions.

The 20th International Wireless Communications & Mobile Computing Conference