Go to DBLP homepageParTEE: A Framework for Secure Parallel Computing of RISC-V Trusted Execution Environments
Abstract: As RISC-V multi-core platforms advance into the domains of high-performance computing and cloud, safeguarding code and sensitive data through Trusted Execution Environments (TEEs) has become critical. Current RISC-V TEEs struggle to support parallel computing due to limitations in memory protection mechanisms. To address these limitations, we present ParTEE, a novel TEE framework designed to enable multi-threaded execution within RISC-V enclaves. ParTEE allows multiple threads to access shared memory regions within the enclave, thereby supporting parallel computing in RISC-V TEEs. To protect the security of multi-threaded programs, we incorporate two security mechanisms: (1) a secure thread detector that identifies potentially malicious threads, ensuring that secure threads can access shared memory regions while preventing unauthorized access; and (2) a secure monitor (SM) operating at the highest privilege level, responsible for managing shared memory access permissions for secure threads. ParTEE is compatible with various open-source RISC-V architectures. We conduct function validation using QEMU emulators and deploy ParTEE on Xilinx KC705 FPGAs featuring a four-core RISC-V system. ParTEE demonstrates negligible performance overhead of 0.9% and achieves a 3.59\(\times \) speedup compared to conventional RISC-V TEEs. Finally, we illustrate capability with a machine learning application.
External IDs:dblp:conf/europar/LanZZYHYLS25
Loading