Confidential computing plays an important role in isolating sensitive applications from the vast amount of untrusted code commonly found in the modern cloud. We argue that it can also be leveraged to build safer and more secure mission-critical embedded systems. In this paper, we introduce the Assured Confidential Execution (ACE), an open-source and royalty-free confidential computing technology targeted for embedded RISC-V systems. We present a set of principles and a methodology that we used to build \ACE and that might be applied for developing other embedded systems that require formal verification. An evaluation of our prototype on the first available RISC-V hardware supporting virtualization indicates that ACE is a viable candidate for our target systems.
View on arXiv@article{ozga2025_2505.12995,
title={ ACE: Confidential Computing for Embedded RISC-V Systems },
author={ Wojciech Ozga and Guerney D.H. Hunt and Michael V. Le and Lennard Gäher and Avraham Shinnar and Elaine R. Palmer and Hani Jamjoom and Silvio Dragone },
journal={arXiv preprint arXiv:2505.12995},
year={ 2025 }
}