par Van Slijpe, Oscar
;Dricot, Jean-Michel
;Mühlberg, Jan Tobias 
Référence 9th Workshop on System Software for Trusted Execution, SysTEX 2026(223300: 27 April 2026 - 30 April 2026: Edinburgh), Workshop on System Software for Trusted Execution, Part of EuroSys 2026, Association for Computing Machinery, Inc, page (33 - 41)
Publication Publié, 2026-04-26
;Dricot, Jean-Michel
;Mühlberg, Jan Tobias 
Référence 9th Workshop on System Software for Trusted Execution, SysTEX 2026(223300: 27 April 2026 - 30 April 2026: Edinburgh), Workshop on System Software for Trusted Execution, Part of EuroSys 2026, Association for Computing Machinery, Inc, page (33 - 41)
Publication Publié, 2026-04-26
Publication dans des actes
| Résumé : | Trusted Execution Environments (TEEs) are increasingly relevant in embedded and cyber-physical systems, where both security and real-time guarantees are essential. While Keystone has gained traction as an open-source framework for RISC-V, its interaction with real-time scheduling and, in particular, with the PREEMPT_RT patches remains unstudied, despite the potential and relevance of real-time Linux and enclaves for secure mixed-criticality applications. This paper presents an evaluation methodology to assess implications of enclaved execution on scheduling latency, which we apply to Keystone on a PREEMPT_RT-patched Linux kernel on a HiFive Unmatched board. Using cyclictest to measure scheduling latencies under high-load conditions, two scenarios are examined: mixed contexts, where high-priority non-secure tasks run concurrently with active enclaves, and real-time enclaves, where time-critical tasks execute inside the enclave itself. Results show that Keystone’s Secure Monitor and enclaves do not measurably interfere with high-priority non-secure processes. However, while PREEMPT_RT improves enclave startup determinism, Keystone introduces substantial latencies when multiple enclaves are executing concurrently, partially limiting its suitability for applications that require predictable timing alongside confidentiality. |



