COSCUP 2026 - Conference for Open Source Coders, Users, and Promoters

Architecting Trusted Execution on RISC-V: Worlds, WorldGuard and Supervisor Domains
2026-08-08 , TR213

As system-level hardware isolation has long been a missing piece in the RISC-V ecosystem, emerging standards are now closing that gap. This session provides a general introduction to deploying hardware-enforced Trusted Execution Environments (TEEs) using the RISC-V Worlds ISA extension and the WorldGuard architecture. We will explore how initiators tag execution environments and how target resources enforce access control rules. Transitioning to software, we will cover defining isolation boundaries via Device Tree bindings and managing system domains within OpenSBI. Finally, we will demonstrate integrating this security stack with OP-TEE, leveraging the RPMI TEE Service Group to establish standardized cross-world communication.


Difficulty: Advanced

Peter Lin works on system software, firmware, and security — with a focus on the low-level engineering that makes trustworthy computing platforms actually work. His current work centers on hardware isolation and secure execution environments in the open RISC-V ecosystem.