iperfTZ: Understanding Network Bottlenecks for TrustZone-based Trusted Applications [article]

Christian Göttel, Pascal Felber, Valerio Schiavoni
2019 arXiv   pre-print
The growing availability of hardware-based trusted execution environments (TEEs) in commodity processors has recently advanced support (i.e., design, implementation and deployment frameworks) for network-based secure services. Examples of such TEEs include ARM TrustZone or Intel SGX, largely available in embedded, mobile and server-grade processors. TEEs shield services from compromised hosts, malicious users or powerful attackers. TEE-enabled devices are largely being deployed on the edge of
more » ... e network, paving the way for large-scale deployments of trusted applications. These applications allow processing and disseminating sensitive data without having to trust cloud providers. However, uncovering network performance limitations of such trusted applications is difficult and currently lacking, despite the interest and reliance by developers and system deployers. iperfTZ is an open-source tool to uncover network performance bottlenecks rooted at the design and implementation of trusted applications for ARM TrustZone and underlying runtime systems. Our evaluation based on micro-benchmarks shows current trade-offs for trusted applications, both from a network as well as an energy perspective; an often overlooked yet relevant aspect for edge-based deployments.
arXiv:1909.06662v1 fatcat:zwvh2tjsmfanjbxif7gi7n4v6i