T-Edge: Trusted Heterogeneous Edge Computing

TL;DR

This paper introduces T-Edge, a trusted execution environment for heterogeneous edge computing platforms that securely manages remote execution of applications on ARM/FPGA systems using TrustZone, ensuring security with minimal overhead.

Contribution

It presents a novel trusted execution environment design for ARM/FPGA SoCs leveraging TrustZone, including a dedicated security controller and a provisioning service for FPGA trust establishment.

Findings

Validated security through automated protocol verification with ProVerif.

Demonstrated system practicality with a prototype on Xilinx MPSoC.

Ensured secure remote FPGA reconfiguration and communication.

Abstract

Heterogeneous computing, which incorporates GPUs, NPUs, and FPGAs, is increasingly utilized to improve the efficiency of computer systems. However, this shift has given rise to significant security and privacy concerns, especially when the execution platform is remote. One way to tackle these challenges is to establish a trusted and isolated environment for remote program execution, while maintaining minimal overhead and flexibility. While CPU-based trusted execution has been extensively explored and found commercial success, extension to heterogeneous computing systems remains a challenge. This paper proposes a practical trusted execution environment design for ARM/FPGA System-on-Chip platforms, leveraging TrustZone's unique characteristics. The design features a dedicated security controller within the ARM TrustZone, overseeing FPGA reconfiguration and managing communication between CPU cores and FPGA fabrics. This design involves a provisioning service that enables application users to establish trust in the FPGA fabric within cloud-based computing resources provided by the platform owner, running applications developed by third-party developers and hardware manufactured by the device manufacturer. To ensure the security of our proposed system, we employ an automated protocol verifier, ProVerif, to validate its compliance with essential security requirements. Furthermore, we demonstrate the practicality of our system model by implementing a prototype application on the Xilinx MPSoC development board.