Secure Processors & Trusted Execution Environments (TEEs)
Architectural techniques that protect trusted software modules by hardware-securing a minimal supervisory execution layer, which in turn provides flexible isolation among multiple trusted components within processor environments and TEEs.
Security Challenge Overview
Modern computing platforms increasingly rely on TEEs to support multiple trusted software components operating alongside conventional system software. In many architectures, however, protecting each trusted module directly with its own dedicated hardware enforcement mechanism increases implementation complexity and reduces flexibility and scalability as the number and variety of trusted components grow.
A more scalable architectural strategy is to protect a minimal trusted “supervisory” software layer—such as a secure monitor, hypervisor, microkernel, or other privileged runtime system component—that mediates interactions among trusted modules and the underlying processor resources. By securing this lowest-level control layer in hardware, the system can extend protection across multiple, concurrent trusted execution environments that are mutually distrustful without requiring separate hardware mechanisms for each individual trusted environment.
Key challenges include:
Providing strong hardware-backed protection for a foundational system execution layer
Supporting flexible deployment of multiple, concurrent, trusted software modules from different trust domains within a shared processor environment
Reducing hardware complexity as trusted execution models evolve
Enabling controlled mediation of privilege transitions and resource access among trusted components
As computing platforms increasingly incorporate diverse trusted execution services, scalable processor-level protection mechanisms become essential for maintaining secure and adaptable execution environments.
CoreSecure’s Architectural Approach
CoreSecure Technologies’ processor security patents introduce hardware mechanisms that protect a minimal trusted system software layer, which can then enforce protection across multiple trusted software modules from different trust domains.
By protecting this lowest-level system layer directly in hardware, the architecture enables flexible protection of concurrent trusted execution environments without requiring a separate hardware enforcement mechanism for each trust domain. This reduces implementation complexity while supporting a flexible and scalable number of trust domains across processor platforms.
Rather than embedding protection independently for each secure workload, the inventions establish a hardware-protected execution foundation that mediates privilege transitions and access to processor resources among trusted modules within a trust domain, and that provides isolation between trusted modules belonging to different trust domains.
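The mediation role described above can be made concrete with a small model. The following C program is an added illustration written for this page; it is not CoreSecure's code and does not reproduce the mechanism claimed in the patents. It models a monitor that alone owns two tables (page ownership and module-to-trust-domain membership) and that gates every entry into a trusted module. The module ids, page numbers, entry addresses, and the policy itself (a page is readable by its owner or by another trusted module in the same domain; control enters a module only at its registered entry point; the OS is a module in an untrusted domain) are assumptions chosen for illustration.

```c
/* Toy model of a hardware-protected supervisory layer ("monitor").
 * Illustration only: not the patented design and not CoreSecure's code.
 * All ids, addresses and the access policy are assumptions for this example. */
#include <stdint.h>
#include <stdbool.h>
#include <string.h>

#define NPAGES           16
#define NMODULES         8
#define UNTRUSTED_DOMAIN 0      /* domain of the OS / conventional system software */
#define MODULE_OS        0      /* module id reserved for the untrusted OS */
#define PAGE_FREE        (-1)

typedef struct {
    int      domain;   /* trust domain the module belongs to */
    uint32_t entry;    /* the only address at which control may enter the module */
    bool     live;
} module_t;

/* In hardware these tables would live in monitor-only memory. */
static module_t modules[NMODULES];
static int      page_owner[NPAGES];
static int      running;        /* module currently executing; changed only by the monitor */

void monitor_reset(void) {
    memset(modules, 0, sizeof modules);
    for (int p = 0; p < NPAGES; p++) page_owner[p] = PAGE_FREE;
    modules[MODULE_OS].domain = UNTRUSTED_DOMAIN;
    modules[MODULE_OS].live   = true;
    running = MODULE_OS;
}

/* Register a trusted module in a (non-untrusted) domain with a fixed entry address. */
int monitor_register(int id, int domain, uint32_t entry) {
    if (id <= MODULE_OS || id >= NMODULES || domain == UNTRUSTED_DOMAIN) return -1;
    modules[id].domain = domain;
    modules[id].entry  = entry;
    modules[id].live   = true;
    return 0;
}

/* Give a free page to a module; ownership is changed only through the monitor. */
int monitor_assign_page(int id, int page) {
    if (id < 0 || id >= NMODULES || !modules[id].live) return -1;
    if (page < 0 || page >= NPAGES || page_owner[page] != PAGE_FREE) return -1;
    page_owner[page] = id;
    return 0;
}

/* Access check consulted on every memory reference: free pages are open to all;
 * an owned page is open to its owner and to trusted modules in the same domain.
 * A module in the untrusted domain (the OS) never qualifies for another's page. */
bool access_allowed(int requester, int page) {
    if (requester < 0 || requester >= NMODULES || !modules[requester].live) return false;
    if (page < 0 || page >= NPAGES) return false;
    int owner = page_owner[page];
    if (owner == PAGE_FREE || owner == requester) return true;
    return modules[requester].domain != UNTRUSTED_DOMAIN &&
           modules[requester].domain == modules[owner].domain;
}

/* Privilege transition: control enters a trusted module only via the monitor,
 * which rejects any target address other than the registered entry point. */
int monitor_enter(int target, uint32_t pc) {
    if (target < 0 || target >= NMODULES || !modules[target].live) return -1;
    if (target != MODULE_OS && pc != modules[target].entry) return -1;
    running = target;
    return 0;
}

int monitor_running(void) { return running; }

/* Scenario: two trust domains plus a compromised OS. Bit i set = check i held. */
unsigned run_demo(void) {
    unsigned ok = 0;
    monitor_reset();
    monitor_register(1, 1, 0x1000);   /* module 1, domain 1 */
    monitor_register(2, 1, 0x2000);   /* module 2, same domain as module 1 */
    monitor_register(3, 2, 0x3000);   /* module 3, separate domain */
    monitor_assign_page(1, 4);
    monitor_assign_page(3, 5);
    if (access_allowed(1, 4))                    ok |= 1u << 0;  /* owner */
    if (access_allowed(2, 4))                    ok |= 1u << 1;  /* same domain */
    if (!access_allowed(3, 4))                   ok |= 1u << 2;  /* other domain */
    if (!access_allowed(MODULE_OS, 4))           ok |= 1u << 3;  /* compromised OS */
    if (access_allowed(MODULE_OS, 9))            ok |= 1u << 4;  /* free page */
    if (monitor_enter(1, 0x1000) == 0 && monitor_running() == 1) ok |= 1u << 5;
    if (monitor_enter(3, 0x3004) != 0 && monitor_running() == 1) ok |= 1u << 6; /* mid-body jump refused */
    if (monitor_enter(MODULE_OS, 0) == 0 && monitor_running() == MODULE_OS) ok |= 1u << 7;
    return ok;  /* 0xFF when every check holds */
}
```

The point the model makes is the one the page argues: the hardware only has to guarantee the integrity of the monitor and its tables, and every per-domain decision (who owns which page, which domains share, where a module may be entered) is then a table lookup in that one protected layer rather than a separate hardware mechanism per module. A compromised OS is just another module in the untrusted domain and fails the same checks as any other outsider.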
Key Technical Capabilities
Hardware protection of a minimal trusted system software layer
Protection of multiple, concurrent, trusted software modules from different trust domains
Mediation of privilege transitions and controlled access to processor and system resources
Scalability with significantly reduced hardware complexity compared to hardware-only TEE enforcement architectures
Compatibility with modern hardware processor architectures
Protection of trusted modules even when the operating system is compromised
Patent Portfolio: Secure Processors & TEEs
The following patents represent CoreSecure Technologies’ intellectual property related to processor-level architectural protection of trusted supervisory layers and TEEs. Each patent links to a dedicated patent page containing the abstract, links to Google Patents and the USPTO, and references to related patents within the same family.
System and Method for Processor-Based Security
US 8,738,932 B2 | Issued: May 27, 2014
US 9,784,260 B2 | Issued: October 10, 2017
US 9,989,043 B2 | Issued: June 5, 2018
Potential Application Areas
Processor architectures for supporting Trusted Execution Environments (TEEs)
Secure system execution layers for protecting trusted software modules
Virtualized and multi-tenant computing platforms
Systems requiring scalable protection of multiple, concurrent trusted workloads from different trust domains
Enterprise and cloud computing environments
Secure computing platforms and hardware root-of-trust systems
Systems requiring strong isolation between trusted and untrusted workloads
Security-sensitive applications and confidential computing systems
Secure processor designs
Multi-user and multi-processor computing systems
Licensing & Collaboration
CoreSecure Technologies’ processor security patents are available for licensing and strategic collaboration, supporting scalable trusted execution architectures across processor and virtualization platforms.