![]() |
SysTEX '258th Workshop on System Software for Trusted Execution (SysTEX 2025) July 4th, 2025 |
09:45-10:00 | Opening and Welcome [ Slides ] |
10:00-11:00 | Keynote: Shweta Shinde (ETH Zurich), Lessons from a Decade of Confidential Computing
[ Slides ]![]() This talk will take a reflective and systems-oriented view of the evolution of Confidential Computing: from the early abstractions of process-level enclaves, to confidential virtual machines, and now to confidential accelerators. With each step, the security model, trust boundaries, and threat landscape have shifted—sometimes in subtle but profound ways. Drawing from a decade of both offensive and defensive research, this talk will explore not only how we got here, but also the missteps, lessons, and enduring challenges that remain. At this critical juncture, the goal is to distill insights that can help the research community chart the next decade of Confidential Computing—responsibly, rigorously, and with a deep appreciation for the hard-earned lessons of the past. Bio: Shweta Shinde is a tenure-track assistant professor at ETH Zurich, where she leads the Secure and Trustworthy Systems Group. Her research is broadly at the intersection of trusted computing, system security, and program analysis. Her group focuses on foundational aspects of confidential computing to protect phones, servers, and accelerators as well as practical aspects of building large systems. |
11:00-11:30 | Coffee Break |
11:30-13:00 | Session 1: Pot Pourri |
11:30:
An Early Experience with Confidential Computing Architecture for On-Device Model Protection
[ Slides ]
Sina Abdollahi (Imperial College London), Mohammad Maheri (Imperial College London), Sandra Siby (New York University Abu Dhabi), Marios Kogias (Imperial College London), Hamed Haddadi (Imperial College London & Brave Software) |
|
11:55:
Proving Attributes about Confidential Compute Services with Validation and Endorsement Services
[ Slides ]
Anjo Vahldiek-Oberwagner (Intel Labs), Marcela S. Melara (Intel Labs)
Short Research Statement
|
|
12:10:
End-to-End Confidentiality with SEV-SNP Leveraging In-Memory Storage
[ Slides ]
Lorenzo Brescia (University of Turin, University of Neuchatel), Iacopo Colonnelli (University of Turin), Valerio Schiavoni (University of Neuchatel), Pascal Felber (University of Neuchatel), Marco Aldinucci (University of Turin) |
|
12:35:
Enclave Application Cache for RISC-V Keystone
[ Slides ]
Takumu Umezawa (Waseda University), Akihiro Saiki (Waseda University), Keiji Kimura (Waseda University) |
|
13:00-14:00 | Lunch Break |
14:00-16:10 | Session 2: Tools & Trust |
14:00:
OPENCCA: An Open Framework to Enable Arm CCA Research
[ Slides ]
Andrin Bertschi (ETH Zurich), Shweta Shinde (ETH Zurich) |
|
14:25:
Principled Symbolic Validation of Enclaves on Low-End Microcontrollers
[ Slides ]
Gert-Jan Goossens (DistriNet, KU Leuven), Jo Van Bulck (DistriNet, KU Leuven) |
|
14:50:
Why I Stopped Caring About the TCB
[ Slides ]
Adrien Ghosn (Azure Research), Marios Kogias (Imperial College London)
Short Research Statement
|
|
15:05:
Wait a Cycle: Eroding Cryptographic Trust in Low-End TEEs via Timing Side Channels
[ Slides ]
Ruben Van Dijck (DistriNet, KU Leuven), Marton Bognar (DistriNet, KU Leuven), Jo Van Bulck (DistriNet, KU Leuven) |
|
15:30:
Narrowing the Gap between TEEs Threat Model and Deployment Strategies
[ Slides ]
Filip Rezabek (Flashbots, Department of Informatics, Technical University of Munich, Germany), Jonathan Passerat-Palmbach (Flashbots, Imperial College London), Moe Mahhouk (Flashbots), Frieder Erdmann (Flashbots), Andrew Miller (Flashbots)
Short Research Statement
|
|
15:45:
Atlas: A Framework for ML Lifecycle Provenance & Transparency
Marcin Spoczynski (Intel Labs), Marcela S. Melara (Intel Labs), Sebastian Szyller (Intel Labs) |
|
Closing Remarks | |
16:10-16:30 | Coffee Break |
16:30-open end | Breakout Discussion |