Dear HN community! Looking forward to hearing your feedback on ACE (assured confidential execution), a technology that implements a VM-based trusted execution environment (TEE) for embedded RISC-V systems with a focus on formally verified and auditable firmware. We target high-assurance systems that can benefit from compartmentalization and hardware-backed isolation. The key ingredient, called the security monitor (firmware), is implemented in Rust. The formal specification is defined as annotations directly in the code and gets translated to Coq using RefinedRust automation. The ACE design is now part of the RISC-V confidential VM extension (CoVE) specification (deployment model 3).
Comments URL: https://news.ycombinator.com/item?id=44055895
Points: 41
# Comments: 1