
Trusted Execution Environments (TEE)

Hardware TEE Platforms

Intel SGX (Software Guard Extensions)

Intel SGX is a set of CPU instructions that creates isolated "enclaves" in user-mode memory. Enclave pages live in an encrypted region of RAM (the EPC) that the OS, hypervisor and SMM cannot read, and SGX provides local and remote attestation so a relying party can check which enclave (by MRENCLAVE or MRSIGNER) it is talking to. SGX shipped with Skylake (2015) client parts, but Intel has since removed it from 11th/12th-generation and later Core desktop CPUs, so new deployments target Xeon servers. It is widely supported in cloud services (e.g. Azure DCsv3-series VMs, IBM Cloud) and used in blockchain contexts (see below). SGX code is developed with the Intel SGX SDK or open frameworks like Open Enclave.

However, SGX has been the target of many side-channel and transient-execution attacks (Foreshadow in 2018, SGXPectre, Plundervolt, LVI, SGAxe, CacheOut, etc.) that can leak enclave secrets. Intel responds with microcode updates and "TCB recovery": the platform's attested TCB level is raised, so quotes from un-updated machines carry an out-of-date status that verifiers must reject. SDK and compiler mitigations (e.g. LVI-hardened enclave builds) cover the flaws that microcode alone cannot.

Intel TDX (Trust Domain Extensions)

Intel TDX is a newer TEE that isolates entire guest VMs (called Trust Domains) in hardware, so even the hypervisor cannot inspect a VM's memory or register state. It provides confidentiality and integrity for virtualized workloads and is supported on 4th- and 5th-generation Xeon Scalable (Sapphire Rapids, Emerald Rapids). Compared to SGX, TDX works at the VM level: you bring an unmodified guest OS rather than partitioning an application into enclave and host parts. No major public exploits of TDX are known yet; Intel and Google published a joint security review of TDX in 2023 before general availability. Note that a TD's guest kernel must still treat the hypervisor as hostile (e.g. validate device and MSR inputs), since TDX isolates memory but does not harden the guest's own code.

AMD SEV/SEV-ES/SEV-SNP (and SME)

AMD EPYC CPUs include Secure Encrypted Virtualization (SEV) to encrypt VM memory with a per-VM key managed by the dedicated AMD Secure Processor (PSP); SME (Secure Memory Encryption) is the host-wide counterpart. SEV shipped with 1st-gen EPYC (Naples). SEV-ES (2nd-gen, Rome) also encrypts guest register state on VM exit. SEV-SNP (Secure Nested Paging, 3rd-gen Milan/Zen 3 and later) adds memory integrity (a Reverse Map Table that stops the hypervisor from remapping or replaying guest pages) and guest-requested attestation reports.

In practice, an SEV-SNP guest can ask the PSP for a signed report covering its launch measurement, guest policy and platform TCB. AMD's TEEs protect full VMs but have had notable flaws: the academic attacks "SEVerity" and "undeSErVed" (both disclosed 2021) achieve code injection into SEV/SEV-ES VMs, exploiting respectively the lack of memory-integrity protection and the permutation-agnostic launch attestation. These led AMD to recommend SEV-SNP, which adds the missing integrity checks. Microarchitectural side channels also affect AMD parts, and SNP itself was the target of the CacheWarp fault attack (CVE-2023-20592, 2023), fixed in firmware.

In cloud services, SEV is widely available (e.g. AWS offers SEV-SNP on M6a/C6a/R6a instances; Google Confidential VMs use SEV/SEV-SNP). Pricing add-ons for Google's confidential VMs are low, e.g. $0.00548 per vCPU-hour for AMD SEV at the time of writing (check the current price list).

ARM TrustZone

Arm's TrustZone is a TEE technology available across Arm processors (Cortex-A application cores, and TrustZone-M on Cortex-M microcontrollers). It partitions the core into a "secure world" that runs alongside the normal OS. TrustZone-based TEEs (often a GlobalPlatform-compliant TEE OS such as OP-TEE, Trustonic's Kinibi or Qualcomm's QSEE/QTEE) are common in smartphones and IoT devices (Samsung Knox, Qualcomm QSEE, Huawei's TEE, etc.). Apple's Secure Enclave is sometimes grouped with these, but it is a separate coprocessor rather than a TrustZone secure world.

TrustZone is used for mobile security (keystores, biometrics, payments), digital rights management, and now some cloud-edge use cases. Open standards (the GlobalPlatform TEE Client and Internal Core APIs) exist for programming TrustZone TEEs. However, many commercial TrustZone implementations have had critical vulnerabilities: between 2013 and 2018 Qualcomm's TEE alone had more than 50 critical CVEs, and Trustonic, Huawei and Nvidia TEEs reported severe flaws too (see the Vulnerabilities section). The lesson is that an on-device TEE is only as strong as its trusted-application code, which needs careful development, a minimal TA surface and certification.

Other Architectures

  • RISC-V is developing TEEs (the open-source Keystone framework from UC Berkeley, and the RISC-V CoVE confidential-VM extension specification) but has no mainstream products yet.
  • IBM's POWER architecture supports secure VMs via the Protected Execution Facility (POWER9 and later, managed by an "ultravisor" firmware layer), and IBM Z offers Secure Execution for Linux (z15 and later); both encrypt and isolate whole VMs from the hypervisor.
  • Apple's Secure Enclave (a separate coprocessor in iPhone and Mac SoCs) and Qualcomm's QSEE (a TrustZone TEE in Android devices) are proprietary; third parties use them only through platform APIs (Keychain, Android Keystore) and cannot load their own trusted applications.

In general, GlobalPlatform provides standardized TEE APIs and a certification program for TEEs on devices, but there is no single industry standard for all TEEs.

Comparison of Major TEE Hardware Platforms

| Platform | Provider | Enclave vs VM | Typical Devices/Chips | Primary Use Cases | Notable Security Issues |
|----------|----------|---------------|----------------------|-------------------|------------------------|
| Intel SGX | Intel (US) | Enclave | Intel Xeon (Core parts from Skylake up to 10th gen; dropped on newer client CPUs) | Confidential cloud workloads, enclaves for data privacy, blockchain nodes | Side channels and transient execution (Foreshadow, MDS, LVI, Plundervolt, etc.) |
| Intel TDX | Intel (US) | VM (Trust Domain) | Intel Xeon Scalable (Sapphire Rapids, Emerald Rapids) | Confidential VMs on an untrusted hypervisor | New; reviewed by Intel and Google in 2023, no public exploits yet |
| AMD SEV/SEV-ES/SEV-SNP | AMD (US) | VM | EPYC Naples (SEV), Rome (SEV-ES), Milan and later (SEV-SNP) | Confidential VMs/containers (cloud providers) | SEVerity/undeSErVed (2021) on SEV/SEV-ES, mitigated by SEV-SNP; CacheWarp (2023) on SNP, fixed in firmware |
| ARM TrustZone | Arm Ltd. (UK) | Secure world | Arm Cortex-A/R/M chips (Qualcomm, Samsung, Huawei, etc.) | Mobile/device security (keystore, payments, DRM), IoT, some edge computing | Many CVEs in vendor TEE OSes and trusted applications |
| Apple Secure Enclave | Apple (US) | Coprocessor | A-series / M-series chips (Secure Enclave Processor) | Biometric and key storage | checkm8 (2019) is an application-processor BootROM exploit needing physical access, not a Secure Enclave break |
| RISC-V Keystone | Open source (UC Berkeley) | Enclave | RISC-V prototypes and FPGA boards | Research/edge TEEs, academic labs | Experimental; no commercial deployment yet |
| IBM PEF / Secure Execution | IBM (US) | VM | IBM POWER9+ (Protected Execution Facility), IBM z15+ (Secure Execution) | Enterprise and hybrid-cloud secure VMs | Little public attack research |

TEE Usage in Crypto/Blockchain

Several blockchain and Web3 projects leverage TEEs to achieve privacy and trust for smart contracts or oracles. Notable examples include:

Secret Network (formerly Enigma; global, Secret Foundation)

Secret Network is a privacy-focused, Cosmos-based blockchain whose validators all run Intel SGX enclaves to execute encrypted smart contracts. Contract inputs, state and outputs are encrypted and only decrypted inside the enclave. The network-wide consensus seed (from which transaction keys are derived) is sealed in SGX and shared only with nodes that pass remote attestation, so only genuine enclaves compute on the data. (The project is international; its foundation has been based in Switzerland and the USA.)

Oasis Network (Oasis Labs, USA)

Oasis is a privacy-enabled blockchain platform. Its Sapphire ParaTime uses SGX enclaves to provide confidential EVM execution: contracts run "inside a TEE (Intel SGX hardware isolation)" so node operators cannot see private inputs or outputs. Oasis documents that enclaves also protect contract state and keys ("Key manager runtimes coordinate SGX-based key manager enclaves").

iExec (France)

iExec provides decentralized cloud computing. Its V6 release demonstrated running Docker containers inside SGX enclaves for "confidential computing" on untrusted worker nodes. iExec's whitepaper notes it collaborated with Intel on the Enterprise Ethereum Alliance's Trusted Compute specification and joined the Confidential Computing Consortium in 2019. The iExec SDK and worker nodes support Intel SGX (using the SCONE runtime) for secure off-chain computation.

Integritee Network (Germany)

A Polkadot/Kusama parachain offering TEE-backed off-chain computation. Integritee runs Intel SGX enclaves as off-chain workers and sidechain validators to enable private smart contracts; official documentation is sparse, and media coverage describes the SGX usage.

Phala Network (China)

Another Polkadot-based privacy chain. Phala provides "confidential smart contracts" executed by SGX enclaves; its whitepapers describe enclave-based off-chain workers.

Hyperledger Avalon (Linux Foundation)

Avalon is an open-source framework, led by Intel with IBM and others, that implements the Enterprise Ethereum Alliance's Off-Chain Trusted Compute Specification: work is dispatched to SGX-backed "workers" and the results are attested back to the ledger. It is ledger-agnostic (Ethereum and Fabric connectors). Running Hyperledger Fabric chaincode itself inside SGX is the separate Hyperledger Fabric Private Chaincode project.

R3 Conclave (USA)

Conclave is a product from R3 (makers of the Corda blockchain) for private contract execution. It wraps arbitrary JVM code (Java, Kotlin, Scala) in SGX enclaves to enable confidential computation alongside blockchains. R3 partnered with Intel on this and joined the Confidential Computing Consortium.

AntChain (Ant Group, China)

Ant Group's enterprise blockchain, AntChain, includes FAIR ("privacy-preserving computing") features. AntChain has its own TEE-capable chip (the "T1") and uses that ring-fenced chipset as a TEE for multi-party computation across blockchain nodes, so analytics or contracts can be computed without revealing any party's inputs.

Trusple (Ant Group, China)

Trusple is Ant Group's cross-border trade-finance platform, built on AntChain (it is not a Binance or BNB Chain product). It is marketed as using confidential computing; details are scarce, and media reports describe Chinese-vendor hardware TEEs underneath.

Visa LucidiTEE (USA)

A research framework from Visa Research (2019) for policy-compliant multi-party computation on public ledgers using SGX enclaves: the enclave enforces the agreed computation policy and the ledger records the history, so the parties need not all be online at once.

Chainlink (USA)

Chainlink is a decentralized oracle network that can run oracle nodes inside TEEs (e.g. Intel SGX). Chainlink acquired Town Crier, the Cornell SGX-based authenticated data feed, in 2018, and its blog describes integrating Town Crier-style SGX oracles to secure off-chain data feeds. (Reportedly such nodes run on cloud SGX VMs for large customers.)

Alibaba Inclavare Containers (China)

Inclavare Containers is an open-source SGX container runtime that originated at Alibaba Cloud and Ant Group and is now a Confidential Computing Consortium project. It lets developers run OCI container workloads inside SGX enclaves on Alibaba Cloud. Alibaba is a member of the Confidential Computing Consortium.

Other Notable Mentions

Projects like Enigma (now Secret Network), Oasis Labs (USA), Orange Protocol (USA), Cardano's Hydra (which references SGX) and several Chinese chains (Chang'An Chain/ChainMaker, Phala, and others) incorporate TEEs. Startups such as Opaque Systems (USA, out of UC Berkeley's RISELab), Decentriq (Switzerland) and Tune Insight (Switzerland) offer TEE-enabled data collaboration, often targeting blockchain use cases.

Blockchain/Web3 Players and TEE Usage

| Project / Company | Country | TEE Platform | Notes / Use Case |
|-------------------|---------|--------------|------------------|
| Secret Network | Global (Secret Foundation) | Intel SGX | Validators run SGX; private smart contracts |
| Oasis / Sapphire | USA | Intel SGX | Confidential EVM (Sapphire runtime) |
| iExec | France | Intel SGX | Decentralized off-chain compute, SGX workers (SCONE) |
| Integritee Network | Germany | Intel SGX | Polkadot/Kusama parachain for private data processing |
| Phala Network | China | Intel SGX | Polkadot parachain (confidential contracts) |
| R3 Conclave | USA | Intel SGX | Private JVM code execution for Corda (SGX enclaves) |
| AntChain (Ant Group) | China | Custom TEE chip | Enterprise blockchain with TEE (Ant T1 chip); Trusple is built on it |
| Hyperledger Avalon | Global (LF/Intel/IBM) | Intel SGX | EEA off-chain trusted compute workers |
| Alibaba Inclavare Containers | China | Intel SGX | SGX container runtime on Alibaba Cloud |
| Chainlink | USA | Intel SGX | Town Crier-style SGX oracles / off-chain compute |
| Visa LucidiTEE | USA | Intel SGX | Policy-compliant MPC via SGX (research) |
| Oasis Labs (company behind Oasis) | USA | Intel SGX | Confidential cloud services (Oasis Privacy Layer) |
| Orange Protocol | USA | Intel SGX | Decentralized reputation (TEE-based backend) |
| Enigma (now Secret) | USA/Global | Intel SGX | Privacy network that became Secret Network |
| Startups (various) | — | various | Opaque Systems (USA), Decentriq (CH), Tune Insight (CH) use TEEs for data collaboration |

TEE SDKs, Libraries, and Services

A variety of SDKs, runtimes, and services support developing on TEEs. Key examples include:

Intel SGX SDK / DCAP (USA)

Intel provides the official SGX SDKs for Linux and Windows (C/C++ enclave libraries, the platform software (PSW), and an out-of-tree driver for kernels older than 5.11, which added the in-kernel driver) plus the Data Center Attestation Primitives (DCAP) for ECDSA-based attestation that does not depend on Intel's online EPID attestation service. These are free downloads from Intel.

Microsoft Open Enclave SDK (USA)

An open-source, cross-platform C/C++ SDK that abstracts SGX (and, experimentally, ARM TrustZone via OP-TEE) under a unified enclave API with built-in report generation and verification. It is used by Azure services such as Microsoft Azure Attestation. Google's Asylo was a separate, comparable framework, not built on Open Enclave.

Fortanix Enclave Development Platform (EDP) (USA)

A Rust-based SDK for SGX developed by Fortanix. EDP lets developers write enclaves in ordinary Rust (the standard library works inside the enclave via the x86_64-fortanix-unknown-sgx target). It is open-source and designed for ease of use. Fortanix also offers runtime services (Fortanix Data Security Manager, a SaaS HSM/KMS secured by SGX).

OP-TEE (Linaro / TrustedFirmware.org, UK)

An open-source reference TEE OS for Arm TrustZone. OP-TEE provides a secure-world OS running Trusted Applications (TAs) against the GlobalPlatform TEE APIs. It is widely used in mobile and embedded devices and available for many Arm SoCs.

Anjuna Runtime (USA)

A commercial framework that lets unmodified applications run in TEEs (Intel SGX, AMD SEV-SNP, AWS Nitro Enclaves) by wrapping the process in a protected container. Anjuna abstracts the enclave details so legacy apps need little or no change.

Occlum (Ant Group, China)

A library OS for running containerized Linux workloads in SGX enclaves. Originally open-sourced by Ant Group (an Alibaba affiliate) and now a Confidential Computing Consortium project, Occlum supports container images and is used on Alibaba Cloud.

SCONE (Scontain, Germany)

A commercial runtime from Scontain, a TU Dresden spin-off, that enables Docker containers and high-level languages to run in SGX enclaves with minimal changes. As mentioned above, iExec uses SCONE for its enclaves.

Graphene-SGX, now Gramine (CCC project)

An open library OS for SGX that runs existing Linux applications in enclaves without recompilation: a manifest describes the application, and its binaries are measured into MRENCLAVE. Graphene began as a research project (Stony Brook University, later with Intel) and was renamed Gramine in 2021 when it became a Confidential Computing Consortium project; it is used by several commercial confidential-computing products.

Veracruz (Arm, UK)

An open framework, originated by Arm Research and now a Confidential Computing Consortium project, for privacy-preserving collaborative computation: data providers and a program provider delegate to a WebAssembly runtime inside an enclave (SGX, TrustZone, AWS Nitro Enclaves) and verify it through attestation before releasing their inputs.

Certifier Framework (VMware, USA)

A new open-source project from VMware (announced in 2023 with AMD, Samsung and RISC-V contributors) providing a common attestation and certification layer for heterogeneous TEEs. It aims to let developers use one policy API across Intel SGX, AMD SEV-SNP, ARM TrustZone, RISC-V enclaves, etc.

GlobalPlatform TEE APIs (standards)

The GlobalPlatform consortium publishes standard APIs (the TEE Client API for the normal world and the TEE Internal Core API for trusted applications) and certification programs for TrustZone-based TEEs. Many mobile TEE OSes and SDKs (like OP-TEE) implement these.

Cloud Confidential Services

Major cloud providers offer managed TEE services:

  • Azure Confidential Computing: SGX-based DCsv3/DCdsv3 VMs, AMD SEV-SNP based DCasv5/ECasv5 confidential VMs, Intel TDX based DCesv5 VMs, and the Microsoft Azure Attestation service
  • AWS Nitro Enclaves (USA): isolated enclaves carved out of a Nitro-based parent instance (no separate pricing); AWS also offers AMD SEV-SNP on M6a/C6a/R6a instances
  • Google Cloud Confidential VMs (USA): AMD SEV/SEV-SNP (and Intel TDX on C3 machine types) with a small per-vCPU add-on fee
  • Alibaba Cloud (China): SGX-capable ECS instances and its own enclave and TrustZone offerings

For example, Azure's DC4s_v3 (4 vCPU, 32 GiB, SGX) is listed at about $0.57/hr.

HSMs and secure coprocessors

Some vendors (e.g. Intel, Microchip) offer hardware secure co-processors and secure elements, often with their own SDKs, that act as TEEs for key storage and signing. They complement rather than replace CPU enclaves: a secure element holds keys, while an enclave or confidential VM protects the computation that uses them.

Key TEE SDKs and Tools

| SDK / Tool | Maintainer (Country) | Supports | Primary Use Case |
|------------|----------------------|----------|------------------|
| Intel SGX SDK / DCAP | Intel (USA) | Intel SGX | Building C/C++ SGX enclaves; ECDSA attestation |
| Microsoft Open Enclave | Microsoft (USA) | SGX; TrustZone via OP-TEE (experimental) | Cross-platform enclave development |
| Fortanix EDP (Rust) | Fortanix (USA) | Intel SGX | Rust enclaves, enterprise key management |
| OP-TEE | Linaro / TrustedFirmware.org (UK) | ARM TrustZone | Trusted applications on Arm devices |
| Occlum | Ant Group (China) | Intel SGX | Enclave containers (Linux apps) |
| SCONE | Scontain (Germany) | Intel SGX | Docker containers in enclaves (any language) |
| Graphene-SGX / Gramine | Gramine project (CCC), originally Stony Brook/Intel (USA) | Intel SGX | Library OS for unmodified Linux binaries |
| Veracruz | Arm (UK), CCC project | SGX, TrustZone, AWS Nitro Enclaves | Multi-party enclave computing over WebAssembly |
| Certifier Framework | VMware with AMD, Samsung (Intl) | SGX, SEV-SNP, TrustZone, RISC-V | Unified attestation layer |
| Anjuna Seaglass | Anjuna (USA) | SGX, SEV-SNP, Nitro Enclaves | Legacy apps in enclaves |
| GlobalPlatform TEE APIs | GlobalPlatform (Intl) | TrustZone TEEs | Standard TEE APIs and certification |
| Cloud enclave services | AWS/Azure/Google (USA) | SGX, SEV-SNP, TDX, Nitro Enclaves | Confidential VMs and services |

Vulnerabilities and Attacks

While TEEs promise stronger security, they have attracted intense scrutiny. Notable vulnerabilities include:

Intel SGX Attacks (2018–2022)

A steady stream of transient-execution and side-channel attacks has broken SGX confidentiality. Foreshadow (CVE-2018-3615, 2018) extracted enclave secrets through the L1 cache, including the quoting enclave's attestation key. SGXPectre showed Spectre-style branch-target injection into enclaves. Plundervolt (CVE-2019-11157, 2019) undervolted the core through a privileged MSR to inject computational faults into enclave code (e.g. AES-NI and RSA), and LVI (Load Value Injection, 2020) turned Meltdown-type leakage around to inject attacker-controlled values into enclave loads. MDS-class attacks (ZombieLoad, CacheOut, SGAxe) leak enclave data through internal CPU buffers. Mitigations combine microcode updates with TCB recovery (verifiers reject quotes from out-of-date platforms), compiler-level LVI hardening of enclave code, and enclave-aware coding practices; Intel periodically issues advisories and BIOS updates.

AMD SEV Attacks (2020–2023)

Academic research revealed two major flaws, "SEVerity" and "undeSErVed" (both 2021). SEVerity exploits the absence of memory-integrity protection in SEV/SEV-ES: the host can move or inject ciphertext into guest memory and have the guest execute it. undeSErVed exploits the launch attestation being "permutation-agnostic" (the measurement does not depend on page order), so the host can reorder pages to inject code while still passing attestation. AMD's response was to steer customers to SEV-SNP (3rd-gen EPYC and later), whose Reverse Map Table closes those holes. SNP has since had its own fault attack, CacheWarp (CVE-2023-20592, 2023), fixed in firmware, and cache side channels can still leak SEV VM data if not mitigated.

ARM TrustZone TEE Attacks (2013–2022)

Many TrustZone-based TEEs have suffered critical vulnerabilities. A study of disclosed CVEs (2013–2018) found 124 TEE vulnerabilities in Qualcomm, Trustonic, Huawei and Nvidia TEEs, 42% of them rated critical. Qualcomm's QSEE had dozens of privilege-escalation bugs; Samsung's Trustonic-based TEE has had at least one critical flaw; Nvidia's Tegra and Huawei's TEE had multiple serious bugs. Most are ordinary memory-safety bugs in trusted applications or the TEE OS reachable from the normal world, and exploiting them means rooting the secure world or extracting its keys. (More recent research continues to find TrustZone bugs, e.g. the 2022 analysis of Samsung's Keymaster TA.) Apple's checkm8 (2019) is often cited here, but it is a BootROM exploit on the application processor that needs physical USB access and does not on its own expose Secure Enclave keys.

Hypervisor/VM Attacks

Even hardware TEEs rely on surrounding software and configuration. AMD's SEV vulnerabilities came from flaws in the VM launch/attestation protocol. SGX relies on correct BIOS and microcode, and on the enclave being launched in production (non-debug) mode: a debug-mode enclave's memory is readable with the SGX debugger, so a verifier that forgets to reject the DEBUG attribute in the attestation report gets no confidentiality at all. Recent microarchitectural attacks on AMD cores (e.g. Zenbleed on Zen 2 in 2023, which leaks vector-register contents such as AES keys across contexts) can in principle affect TEE workloads on those CPUs until microcode is updated.

Attacks on Attestation

Some attacks target the attestation/quote mechanisms rather than the enclave itself. For instance, the "undeSErVed" attack exploited AMD's permutation-agnostic launch attestation to make an injected guest pass as the expected one. Verifiers must also act on the TCB status that comes with a quote or report: a signature that checks out on an out-of-date platform is still a reason to refuse. In general, TEEs depend on vendor-run attestation infrastructure (Intel's EPID-based IAS, being phased out in favour of DCAP, and AMD's Key Distribution Service that serves the VCEK certificate chain) which must itself be trusted and kept reachable.
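The checks a relying party applies once the quote or report signature has been verified, written out as an added example (not code from the page, Intel or AMD). It parses an SGX report body and an SEV-SNP attestation report at the public layout offsets, rejects the DEBUG attribute / debug policy discussed under "Hypervisor/VM Attacks" and in the AMD SEV sections, enforces MRSIGNER/ISVSVN and launch-measurement/TCB minimums (the TCB-recovery point above), and checks that REPORT_DATA binds a fresh nonce and the enclave's key. The policy values, keys and the two sample reports are constructed placeholders, and signature and certificate-chain verification is assumed to have been done with the vendor tooling (Intel DCAP QVL, AMD KDS certificates) beforehand.

```python
import hashlib, struct

# Added example, not code from the page, Intel or AMD. Field offsets follow the
# public Intel sgx_report_body_t and AMD SEV-SNP ATTESTATION_REPORT layouts;
# every key, measurement and threshold below is a constructed placeholder.
SGX_BODY_LEN = 384
SGX_FLAG_DEBUG = 1 << 1        # ATTRIBUTES.DEBUG: enclave memory is debugger-readable
SNP_REPORT_LEN = 1184
SNP_POLICY_SMT = 1 << 16       # guest policy: SMT siblings permitted
SNP_POLICY_DEBUG = 1 << 19     # guest policy: host may debug the guest
SNP_PLATINFO_SMT_EN = 1 << 0   # PLATFORM_INFO: host is actually running with SMT on

POLICY = {  # values the relying party pins for its own builds (constructed)
    "mr_signer": hashlib.sha256(b"constructed-enclave-signing-key").digest(),
    "isv_prod_id": 1,
    "min_isv_svn": 3,
    "measurement": hashlib.sha384(b"constructed-ovmf+kernel+initrd").digest(),
    "min_tcb": {"boot_loader": 3, "tee": 0, "snp": 8, "microcode": 115},
}

def expected_report_data(nonce: bytes, pubkey: bytes) -> bytes:
    """REPORT_DATA (64 bytes) must bind the verifier's nonce and the enclave's key."""
    return hashlib.sha256(nonce + pubkey).digest().ljust(64, b"\0")

def check_sgx_report_body(body: bytes, nonce: bytes, pubkey: bytes) -> list:
    """SGX report-body policy; quote signature chain assumed already verified (DCAP QVL)."""
    if len(body) != SGX_BODY_LEN:
        return ["sgx: report body must be %d bytes" % SGX_BODY_LEN]
    flags, = struct.unpack_from("<Q", body, 48)
    prod_id, isv_svn = struct.unpack_from("<HH", body, 256)
    problems = []
    if flags & SGX_FLAG_DEBUG:
        problems.append("sgx: DEBUG attribute set; a debug enclave gives no confidentiality")
    if body[128:160] != POLICY["mr_signer"]:
        problems.append("sgx: MRSIGNER not trusted")
    if prod_id != POLICY["isv_prod_id"]:
        problems.append("sgx: unexpected ISVPRODID %d" % prod_id)
    if isv_svn < POLICY["min_isv_svn"]:
        problems.append("sgx: ISVSVN %d below minimum (unpatched enclave build)" % isv_svn)
    if body[320:384] != expected_report_data(nonce, pubkey):
        problems.append("sgx: REPORT_DATA does not bind nonce and key (replay or key swap)")
    return problems

def check_snp_report(rep: bytes, nonce: bytes, pubkey: bytes) -> list:
    """SEV-SNP report policy; signature assumed verified against the VCEK chain from AMD KDS."""
    if len(rep) != SNP_REPORT_LEN:
        return ["snp: report must be %d bytes" % SNP_REPORT_LEN]
    _version, _guest_svn, guest_policy = struct.unpack_from("<IIQ", rep, 0)
    vmpl, = struct.unpack_from("<I", rep, 48)
    platform_info, = struct.unpack_from("<Q", rep, 64)
    tcb = rep[384:392]  # REPORTED_TCB bytes: boot loader, TEE, 4 reserved, SNP firmware, microcode
    have = {"boot_loader": tcb[0], "tee": tcb[1], "snp": tcb[6], "microcode": tcb[7]}
    problems = []
    if guest_policy & SNP_POLICY_DEBUG:
        problems.append("snp: guest policy permits DEBUG")
    if guest_policy & SNP_POLICY_SMT and platform_info & SNP_PLATINFO_SMT_EN:
        problems.append("snp: SMT allowed by policy and enabled on host (cross-thread leakage)")
    if vmpl != 0:
        problems.append("snp: report requested from VMPL %d, expected 0" % vmpl)
    if rep[144:192] != POLICY["measurement"]:
        problems.append("snp: launch MEASUREMENT not in allowlist")
    for name, minimum in POLICY["min_tcb"].items():
        if have[name] < minimum:
            problems.append("snp: %s SVN %d below minimum %d" % (name, have[name], minimum))
    if rep[80:144] != expected_report_data(nonce, pubkey):
        problems.append("snp: REPORT_DATA does not bind nonce and key")
    return problems

def build_sgx_body(debug: bool, isv_svn: int, report_data: bytes) -> bytes:
    """Constructed SGX report body for the demo; no hardware involved."""
    body = bytearray(SGX_BODY_LEN)
    struct.pack_into("<Q", body, 48, 0x5 | (SGX_FLAG_DEBUG if debug else 0))  # INIT|MODE64BIT
    body[128:160] = POLICY["mr_signer"]
    struct.pack_into("<HH", body, 256, POLICY["isv_prod_id"], isv_svn)
    body[320:384] = report_data
    return bytes(body)

def build_snp_report(policy_bits: int, smt_on: bool, snp_svn: int, report_data: bytes) -> bytes:
    """Constructed SEV-SNP report for the demo; 0x20000 is the reserved must-be-1 policy bit."""
    rep = bytearray(SNP_REPORT_LEN)
    struct.pack_into("<IIQ", rep, 0, 2, 1, 0x20000 | policy_bits)
    struct.pack_into("<Q", rep, 64, SNP_PLATINFO_SMT_EN if smt_on else 0)
    rep[80:144] = report_data
    rep[144:192] = POLICY["measurement"]
    rep[384:392] = bytes([3, 0, 0, 0, 0, 0, snp_svn, 115])
    return bytes(rep)

def demo() -> dict:
    nonce = bytes(range(16))          # verifier-chosen per-session nonce (constructed)
    pubkey = b"\x04" + b"\x11" * 64   # enclave's ephemeral public key (constructed)
    rd = expected_report_data(nonce, pubkey)
    return {
        "sgx_ok": check_sgx_report_body(build_sgx_body(False, 3, rd), nonce, pubkey),
        "sgx_debug_old": check_sgx_report_body(build_sgx_body(True, 2, rd), nonce, pubkey),
        "snp_ok": check_snp_report(build_snp_report(0, False, 8, rd), nonce, pubkey),
        "snp_weak": check_snp_report(
            build_snp_report(SNP_POLICY_SMT | SNP_POLICY_DEBUG, True, 6, rd), nonce, pubkey),
    }
```

Calling demo() returns an empty problem list for the two acceptable reports, while the debug-mode, stale-SVN SGX body and the SEV-SNP report that allows SMT and debugging on an SMT-enabled host come back with the reasons for rejection. The SNP TCB comparison is done per component because TCB_VERSION packs four independent SVNs into one integer; comparing it as a single number would let a newer bootloader SVN mask an old SNP firmware. A real verifier pins MRENCLAVE instead of MRSIGNER when it wants to accept exactly one build, and also checks the TCB status and advisory IDs returned with the quote's collateral.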

Consortia and Standards Bodies

A number of industry groups are shaping the TEE ecosystem:

Confidential Computing Consortium (CCC)

A Linux Foundation project founded in 2019, focusing on data-in-use security. CCC hosts open-source TEE projects (Open Enclave, Occlum, Enarx, Keystone, etc.) and promotes best practices. It has major tech companies as members (Intel, Microsoft, IBM, Google, Alibaba, etc.) and collaborates on R&D (e.g. announced in 2023 an open "Certifier Framework" with VMware, AMD, Samsung). The CCC provides a neutral forum for developing TEE software and sharing knowledge.

GlobalPlatform (GP) TEE Committee

An independent industry association (its members include Arm, the major mobile SoC and TEE OS vendors, and device makers) that produces specifications for TEEs, especially for mobile and embedded use. GP's TEE functional and security specifications define the standard APIs for secure-world applications, and its certification programs check interoperability and security claims. Many device makers follow GP standards for TrustZone-based TEEs.

Enterprise Ethereum Alliance (EEA)

In 2019 the EEA published an "Off-Chain Trusted Compute Specification" for using TEEs with Ethereum-based systems. Hyperledger Avalon (Linux Foundation) implements this spec. The EEA effort underscores enterprise blockchain interest in TEEs.

Trusted Computing Group (TCG)

TCG is best-known for TPM specifications, but it has a wider mission of trusted computing. TCG's literature defines the concept of a TEE as a "protected environment" for code/data. However, TCG has not standardized a specific CPU-based TEE; its focus remains on hardware roots-of-trust (TPMs, firmware, etc.). TCG materials provide context but no new hardware spec.

Multi-Party Computation Alliances (MPC Alliance, etc.)

Groups like the MPC Alliance (founded 2020) cover overlapping areas (secure compute, privacy tech), sometimes in concert with confidential computing groups. Their focus is on privacy-preserving computing (including TEEs and cryptography).

IEEE/Academic Symposia

The IEEE SEED workshop (Secure & Private Execution Environment Design) and similar academic venues regularly feature TEE research, but are more research forums than standard bodies.

In summary, the CCC is the central open-source effort (focused on "implementation and adoption"), while GlobalPlatform handles device TEE standards. Enterprise blockchain efforts (EEA/Avalon, R3 Conclave) and hardware manufacturers (Intel, AMD, Arm) coordinate via these and other forums.

Vendor Recommendations

Hardware Platform

For cloud and server workloads requiring hardware-backed confidentiality, current AMD and Intel offerings both do the job; choose by isolation model. To isolate entire VMs, AMD SEV-SNP on 3rd-gen EPYC (Milan) or later is the mature option (memory encryption plus integrity via the Reverse Map Table, and guest-requested attestation reports); Intel TDX on 4th/5th-gen Xeon offers the same VM-level model inside Intel's ecosystem. For smaller, application-partitioned enclaves, Intel SGX remains widely supported (Azure, IBM Cloud, Alibaba Cloud) but is now a server-only feature. For new deployments a hybrid is reasonable: key management in a small SGX enclave, bulk processing in SEV-SNP or TDX confidential VMs. Whatever the platform, require attestation evidence that debug features are off and that the reported TCB is current.

Cloud Services

All major clouds now support confidential compute. Evaluate pricing and ecosystem:

  • Azure: SGX-based DCsv3 VMs plus AMD SEV-SNP (DCasv5/ECasv5) and Intel TDX (DCesv5) confidential VMs; the SGX DC4s_v3 size lists at about $0.57/hr, a modest premium (roughly 20–50%) over comparable general-purpose VMs
  • Google Cloud: Confidential VMs charge a small per-vCPU add-on ($0.00548/vCPU-hr for AMD SEV) on top of base VM costs
  • AWS: Nitro Enclaves carry no separate charge, but you must provision a larger parent instance to carve the enclave out of; AMD SEV-SNP is available on M6a/C6a/R6a instances
  • Alibaba Cloud: SGX-capable ECS instances and its own enclave and container offerings

Cloud list prices change; confirm against the providers' current price sheets.

For multinational deployments, check local cloud offerings (e.g. Tencent, Huawei) for TEE support.

SDKs and Tools

For new development, prefer open, community-backed tools. Open Enclave (Microsoft) is a strong general choice for SGX in C/C++, with good documentation and built-in attestation helpers. For Rust, Fortanix EDP is well-designed and mature. To run existing Linux applications with minimal changes, consider Gramine, Occlum or SCONE (all run unmodified binaries or containers inside enclaves; bear in mind that a library OS enlarges the enclave's trusted computing base). For Arm devices, OP-TEE is the reference TEE; write TAs against the GlobalPlatform APIs for portability and use GP certification where available. Keep an eye on Enarx (open-source, runs WebAssembly workloads on SGX and SEV-SNP) and the Certifier Framework for cross-platform attestation.

Blockchain Applications

Use established frameworks. For Hyperledger Fabric, look at Fabric Private Chaincode (SGX-backed chaincode) or Avalon for off-chain trus­ted compute. For new smart-contract platforms, Oasis Sapphire (SGX) and Secret Network (SGX) show how to integrate TEEs on EVM and Cosmos chains. For oracles and off-chain compute, Chainlink's Town Crier-style SGX oracles or R3's Conclave provide templates. Always include rigorous attestation checks: verify the quote's certificate chain and TCB status, pin MRENCLAVE or MRSIGNER plus a minimum ISVSVN, and reject any DEBUG-attributed enclave. (Beware known TEE flaws: run enclaves in production mode, apply microcode patches, and plan for TCB recovery, which invalidates quotes from un-updated nodes.)

Security Practices

Treat TEEs as one layer of defense. Stay current on microcode updates and side-channel mitigations: for example, disable hyper-threading on SGX hosts (or have the attestation policy reject SMT-enabled platforms) to blunt L1TF/MDS-class cross-thread leakage, build enclave code with the compiler's LVI mitigations, write constant-time cryptographic code, and run enclaves only in production mode. Use GlobalPlatform certification for mobile TAs and the cloud providers' attestation services (e.g. Microsoft Azure Attestation; on Google Cloud, run Confidential VMs as Shielded VMs so boot is measured as well). In hybrid systems, combine TEEs with cryptography: attested TLS between enclaves, with the enclave's public key bound into the attestation report, and split-trust designs so that no single enclave holds every secret.

AI Applications

While beyond this report's focus, TEEs are increasingly used to protect ML models and data (serving models inside enclaves, confidential inference). If AI confidentiality is needed, consider NVIDIA's confidential-computing GPUs (H100 "Hopper" parts, used together with TDX or SEV-SNP confidential VMs) or enclave-based ML on the cloud providers' confidential VMs, but evaluate their maturity separately; a GPU workload also widens the attested TCB to the GPU firmware and driver.

Cost Considerations

TEE technologies themselves (e.g. SGX, SEV-SNP) are built into CPUs at no extra license cost. The main costs come from cloud instance charges or specialized hardware. Based on public pricing at the time of writing:

  • Azure DC4s_v3 (4 vCPU SGX VM) is about $0.57/hr
  • Google's Confidential VM adds about $0.0055/vCPU-hr
  • For on-prem, no additional chip fee is needed, though SGX needs a Xeon with enough EPC for the workload and SEV-SNP needs a Milan-or-later EPYC with supporting firmware

Commercial TEE products (e.g. Fortanix DSM SaaS, Anjuna appliance) are priced per enterprise contract (contact vendors). Evaluate total cost of ownership including development and cloud fees when choosing a solution.

Summary Recommendation

Choose the TEE platform that matches your trust and performance needs. For maximum hardware trust, AMD SEV-SNP (VM-level) and Intel SGX (enclave-level) are leaders. For portability, use open SDKs like Open Enclave or Fortanix EDP. Engage with consortium tools (CCC projects, GlobalPlatform) for community support. And always stay updated on known vulnerabilities and apply mitigations.

Notice

This page is for informational purposes only. Do not consider any information contained herein to constitute any recommendation or endorsement for any particular vendor or product. DYOR.