Abstract

This paper introduces CoVE, a proposed reference architecture for implementing Confidential Computing on RISC-V platforms. It addresses the vulnerability of large Trusted Computing Bases (TCBs) in traditional multi-tenant environments by defining hardware-attested Trusted Execution Environments (TEEs). CoVE outlines necessary ISA, non-ISA, and System-on-Chip requirements to provide quantifiable TCB minimization suitable for privacy-oriented workloads.

Report

CoVE: Towards Confidential Computing on RISC-V Platforms

Key Highlights

• Core Goal: Proposes a reference architecture, CoVE (Confidential Virtual Machine), to bring Confidential Computing (CC) capabilities to RISC-V platforms.
• Problem Addressed: Current multi-tenant platforms include platform firmware, host OS, and hypervisors in the Trusted Computing Base (TCB), making them ill-suited for privacy-oriented workloads.
• Solution Approach: Leverages the clean-slate design potential of the RISC-V architecture to establish hardware-attested Trusted Execution Environments (TEEs).
• Objective: Define necessary components to minimize the TCB footprint for tenant payloads (VMs, containers, applications) running on RISC-V hardware.

Technical Details

• Architecture Focus: CoVE describes the ISA (Instruction Set Architecture) and non-ISA Extension requirements needed to implement a Confidential Virtual Machine (CVM) environment.
• Scope: The requirements discussed cover ISA extensions, non-ISA system extensions, and fundamental System-on-Chip (SoC) design aspects.
• Foundation: The paper asserts that the RISC-V architecture provides a strong foundation for meeting these security requirements in a clean-slate manner, bypassing legacy security issues.
• Core Requirement: Implementation requires the use of HW-attested TEEs for robust data-in-use protection.

Implications

• Standardization Driver: CoVE provides a critical reference architecture, accelerating the standardization and definition of crucial security features necessary for enterprise and cloud RISC-V deployments.
• Increased Trust: By minimizing the TCB, this development allows tenants to run sensitive, privacy-oriented workloads knowing that the host OS, hypervisor, or platform operators cannot access their data.
• Market Viability: Successful implementation of CoVE is vital for RISC-V to compete effectively against established architectures (like x86) that already offer robust TEE solutions (e.g., Intel SGX/TDX, AMD SEV).