On Securing Cloud-hosted Cyber-physical Systems Using Trusted Execution Environments. (arXiv:2104.01011v1 [cs.CR])

Recently, cloud control systems have gained increasing attention from the
research community as a solution to implement networked cyber-physical systems
(CPSs). Such an architecture can reduce deployment and maintenance costs albeit
at the expense of additional security and privacy concerns. In this paper,
first, we discuss state-of-the-art security solutions for cloud control systems
and their limitations. Then, we propose a novel control architecture based on
Trusted Execution Environments (TEE). We show that such an approach can
potentially address major security and privacy issues for cloud-hosted control
systems. Finally, we present an implementation setup based on Intel Software
Guard Extensions (SGX) and validate its effectiveness on a testbed system.