Emerging applications like artificial intelligence and autonomous car require high security-assurance, which stimulates the wide-spread deployment of trusted execution environment (TEE), e.g., Intel SGX, AMD SEV and ARM TrustZone. However, existing enclave systems are far from the ideal for three reasons.

Penglai-Enclave is proposed to overcome the challenges. Penglai is an open-sourced, secure and scalable TEE system for RISC-V. Penglai is made powerful through a new hardware-assisted scalable physical memory isolation extension (sPMP) which is introduced to overcome the limited secure regions. Evaluations show that Penglai can achieve more than 100 instances even in a resource-restricted device.