
Minimal Runtime for Confidential Computing VMs in Rust on seL4


Supervisor(s): Alexander Weidinger, Oliver Braunsdorf
Status: open
Topic: Others
Type of Thesis: Master's thesis
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching


Chair of IT Security / Prof. Dr. Claudia Eckert

Announcement: Master Thesis in Cooperation with Fraunhofer AISEC, Garching

Minimal Runtime for Confidential Computing VMs in Rust on seL4

VM-based Confidential Computing (CoCo) environments can be used to execute confidential algorithms and process sensitive data on platforms that are hosted by non-trusted providers (e.g. in cloud computing). However, to keep the Trusted Computing Base (TCB) small, CoCo-VMs should not run rich operating systems like Linux, but only a minimal runtime/OS, which reduces the attack surface. Microkernels (especially seL4) are good candidates for building the foundation of a minimal runtime. On top of the runtime, a "trusted service" needs to be executed within the CoCo-VM, and this service communicates with the host OS outside the VM. The trusted service represents a common weak point and therefore must not include software vulnerabilities. Rust is a novel memory-safe programming language and a prime candidate for writing such a trustworthy, low-level service.

Task Description

This thesis aims to implement a minimal runtime/OS for running trusted services, written in Rust and based on the seL4 microkernel, within a CoCo-VM (like AMD SEV-SNP), i.e.:

  • Design and implement a minimal runtime to run trusted services in Rust on top of seL4

  • Evaluate existing approaches, e.g.

    Robigalia: https://rbg.systems/
    feL4: https://github.com/PolySync/cargo-fel4
    CAmkES: https://docs.sel4.systems/projects/rust/

  • Implement a trusted service based on your runtime as a case study

  • Optional goal: integrate the remote attestation concept of AMD SEV-SNP into the developed design


    • First practical experiences with Rust and/or seL4
    • Ideally, basic knowledge of AMD SEV-SNP and the confidential computing concept
    • Confident in working with Linux, Git, Docker and one scripting language, e.g. Python

    • Self-driven work ethic and fun experimenting with new techniques


Alexander Weidinger

Mail: alexander.weidinger@aisec.fraunhofer.de Phone: +49 89 3229986-1034

Oliver Braunsdorf

Mail: oliver.braunsdorf@aisec.fraunhofer.de Phone: +49-89-3229986-161

Fraunhofer Institute for Applied and Integrated Security AISEC

Lichtenbergstraße 11, 85748 Garching