CARMA: A Hardware Tamper-Resistant Isolated Execution Environment on Commodity X86 Platforms
Much effort has been spent to reduce the software Trusted Computing Base (TCB) of modern systems. However, the hardware TCB remains complex and untrustworthy. Components such as memory, peripherals, and system buses may become malicious via firmware compromise, a malicious manufacturer, a malicious supply chain, or local physical tampering. The authors seek to reduce the hardware TCB to a minimal set of hardware components that must be trusted. They describe the design and implementation of an isolated execution environment on commodity x86 platforms that only relies on the CPU, without needing to trust the memory, buses, peripherals, or any other system components.