UIEE: Secure and Efficient User-space Isolated Execution Environment for Embedded TEE Systems
Huaiyu Yan
Network and Distributed System Security (NDSS) Symposium 2026 · Day 1 · Trusted Execution
Current **ARM TrustZone-based Trusted Execution Environments (TEEs)** are designed for compact, security-focused operations like cryptographic computations, but they lack the runtime support needed for complex applications like databases, media codecs, or machine learning inference. This talk presents **UIEE (User-space Isolated Execution Environment)**, a TrustZone-oriented system that creates a third execution domain, separate from both the Rich Execution Environment (REE) and the TEE, capable of running **unmodified Linux applications** inside the trusted world with minimal performance overhead and only **8,000 lines of added code** (a 46% TCB increase).
AI review
A systems engineering contribution that puts a LibOS inside ARM TrustZone to run unmodified Linux applications in the secure world. Zero offensive security content, no attacks, no vulnerability analysis, no exploitation. This is embedded systems engineering, not security research.