The AI Vault project designs and develops a new trusted execution environment (TEE) tailored to run artificial intelligence (AI) and machine learning (ML) programs on modern AI platforms (e.g., cloud and embedded devices) while providing strong data confidentiality and high efficiency.

TEE technologies, such as Intel SGX and ARM TrustZone, provide strong security guarantees against powerful attacks. However, due to the data-intensive characteristics of AI/ML programs and limitations of TEE, it is challenging to protect AI/ML programs using TEE technologies without sacrificing security and/or performance significantly. The goal of this project is to overcome these challenges to practically enable trusted AI and ML execution on AI platforms in production.

Recent News

• Sep. 19, 2023: GEVisor paper is accepted to SOCC 2023
• Dec. 17, 2022: T-Slices paper is accepted to CODASPY 2023
• Oct. 21, 2020: Vessels conference talk at SOCC 2020
• Aug. 8, 2020: Vessels paper is accepted to SOCC 2020

Available Work

• GEVisor: a small hypervisor to build a trusted GPU execution environment (paper, code)
• T-Slices: trusted deep learning prediction with ARM TrustZone (paper, code)
• Vessels: a deep learning framework for confidential prediction using Intel SGX (paper)

Acknowledgments

This project is supported in part by the Texas A&M Engineering Experiment Station on behalf of its SecureAmerica Institute.