AutoTEE: Automated Migration and Protection of Programs in Trusted Execution Environments
Ruidong Han, Zhou Yang, Chengyan Ma, Ye Liu, Yuqing Niu, Siqi Ma, Debin Gao, David Lo
TL;DR
AutoTEE targets the longstanding challenge of porting existing programs to Trusted Execution Environments by leveraging large language models to automatically identify sensitive functions, transform them to native code (Rust), and securely link them back into the original program for TEE execution. The approach uses leaf-function isolation, multi-round sensitive-function prompts, and a ReAct-driven refinement loop that couples compilability and functional-equivalence validation with coverage-guided test inputs. In extensive evaluation across 68 repositories and 385 sensitive functions, AutoTEE achieves strong identification and transformation performance, with GPT-4o delivering up to 91.8% Java and 84.3% Python transformation success and high equivalence guarantees. The system also demonstrates practical cross-TEE portability (Intel SGX and AMD SEV) and analyzes resource costs, integration effects, and limitations. Overall, AutoTEE reduces manual code modifications and extends TEE adoption to high-level languages, enabling robust secure execution with automated attestation-linked interoperation.
Abstract
Trusted Execution Environments (TEEs) isolate a special space within a device's memory that is not accessible to the normal world (also known as Untrusted Environment), even when the device is compromised. Thus, developers can utilize TEEs to provide strong security guarantees for their programs, making sensitive operations like encrypted data storage, fingerprint verification, and remote attestation protected from malicious attacks. Despite the strong protections offered by TEEs, adapting existing programs to leverage such security guarantees is non-trivial, often requiring extensive domain knowledge and manual intervention, which makes TEEs less accessible to developers. This motivates us to design AutoTEE, the first Large Language Model (LLM)-enabled approach that can automatically identify, partition, transform, and port sensitive functions into TEEs with minimal developer intervention. By manually reviewing 68 repositories, we constructed a benchmark dataset consisting of 385 sensitive functions eligible for transformation, on which AutoTEE achieves a high F1 score of 0.91. AutoTEE effectively transforms these sensitive functions into their TEE-compatible counterparts, achieving success rates of 90\% and 83\% for Java and Python, respectively. We further provide a mechanism to automatically port the transformed code to different TEE platforms, including Intel SGX and AMD SEV, demonstrating that the transformed programs run successfully and correctly on these platforms.