In this paper, we present DORAMI—a privilege separation approach that isolates the SM from the firmware thus reducing the attack surface on TEEs. DORAMI re-purposes existing ISA features to …

DORAMI has to route the request to the correct compartment. For ex-ample DORAMI has to invoke the Firmware compartment if the S/U-mode wants to invoke firmware functions

en-dor code specific to the platform. In this paper, we present DORAMI—a privilege separation approach that isolates the SM from the firmware thu. reducing the attack surface on TEEs. DORAMI …

Dorami: A Privilege Separation Approach for Secure Monitors on RISC-V TEEs, by Nivedita Singh and Nipun Gupta, arXiv, 2024.

3.11. DORAMI cution modes (P, F, S/U). This design minimizes the need for significant hardware changes, facilitating easier ado tion in existing systems. However, the architecture’s effectiveness is …

Dorami [61] is a recent RISC-V security monitor that iso-lates firmware in an M-mode compartment. However, it re-quires binary scanning and vendor firmware modification for each platform and thus …

For example, Kuhne et al. [15] proposed Dorami to isolate untrusted vendor firmware from system monitors. Keystone [16] re-purposes PMP as a security primitive to support Trusted Execution …