T-Edge: Trusted Heterogeneous Edge Computing
Jiamin Shen, Yao Chen, Weng-Fai Wong, Ee-Chien Chang
TL;DR
This work addresses security and privacy challenges in edge computing with heterogeneous ARM/FPGA platforms by introducing T-Edge, a practical trusted execution environment that combines ARM TrustZone isolation with FPGA fabric. It defines a three-stage lifecycle (manufacture, provisioning, operation), introduces a remote attestation protocol with boot-time measurements and runtime challenge-response, and ensures a secure, isolated CPU-FPGA channel alongside controlled FPGA reconfiguration. The approach is validated through a prototype on a Xilinx ZCU106 board, a formal verification of the protocol with ProVerif, and a case study using a 2D convolution accelerator, showing negligible runtime overhead and a modest boot-time increase. The solution provides device and program authentication, secure channels, and attestation privacy, offering a viable path for trusted, FPGA-accelerated edge computing in cloud and on-premises deployments.
Abstract
Heterogeneous computing, which incorporates GPUs, NPUs, and FPGAs, is increasingly utilized to improve the efficiency of computer systems. However, this shift has given rise to significant security and privacy concerns, especially when the execution platform is remote. One way to tackle these challenges is to establish a trusted and isolated environment for remote program execution, while maintaining minimal overhead and flexibility. While CPU-based trusted execution has been extensively explored and found commercial success, extension to heterogeneous computing systems remains a challenge. This paper proposes a practical trusted execution environment design for ARM/FPGA System-on-Chip platforms, leveraging TrustZone's unique characteristics. The design features a dedicated security controller within the ARM TrustZone, overseeing FPGA reconfiguration and managing communication between CPU cores and FPGA fabrics. This design involves a provisioning service that enables application users to establish trust in the FPGA fabric within cloud-based computing resources provided by the platform owner, running applications developed by third-party developers and hardware manufactured by the device manufacturer. To ensure the security of our proposed system, we employ an automated protocol verifier, ProVerif, to validate its compliance with essential security requirements. Furthermore, we demonstrate the practicality of our system model by implementing a prototype application on the Xilinx MPSoC development board.