Mengyuan Li's research on Trusted Execution Environments (TEEs) and confidential computing spans four closely related areas: TEE-based systems and performance optimization, attacks on confidential computing platforms, defenses for secure cloud and AI infrastructure, and more general cloud security. This includes work on AMD SEV and SEV-SNP, SGX, confidential VMs, confidential GPU systems, ciphertext side channels, virtualization, secure networking, serverless platforms, and high-performance confidential workloads.
Explores secure memory techniques for VM-based TEEs and efficient protected execution.
Connects confidential computing with efficient multi-GPU machine learning and shows how to reduce system bottlenecks in trusted infrastructure.
Bridges virtualization and enclave protection across TEE platforms, highlighting system support for deployable trusted execution.
Explores how to support elastic confidential VMs with secure and dynamic CPU scaling, improving the flexibility and efficiency of TEE-based systems.
Studies how to improve networking performance for confidential VMs without relying on trusted I/O devices, targeting practical system optimization in confidential cloud settings.
Studies side-channel vulnerabilities that break confidentiality guarantees in encrypted and confidential execution settings.
Examines subtle security implications of RMP entry caching in SEV-SNP and expands the attack surface analysis of modern confidential computing platforms.
Shows how ciphertext side channels can break constant-time cryptographic implementations running inside AMD SEV.
Demonstrates a side-channel attack surface exposed by the power reporting interface in AMD SEV platforms.
Uncovers a microarchitectural attack that breaks isolation assumptions in AMD SEV through TLB manipulation.
Shows how crash-based isolation assumptions can fail in AMD SEV and lead to cross-boundary memory exposure.
Studies attacks that exploit unprotected I/O operations in AMD SEV, highlighting early weaknesses in confidential VM designs.
Addresses speculative-execution threats in SGX and reflects broader work on attack surfaces and mitigation around TEE platforms.
A systems-oriented overview of TEE design tradeoffs and common pitfalls, useful for understanding how to build more secure confidential computing systems.
Focuses on detecting vulnerabilities and deriving stronger design and implementation guidance for secure cryptographic and confidential systems.
Studies security and isolation properties of serverless platforms, representing broader cloud security work beyond TEE-specific mechanisms.
This broader line of work also connects to cloud multi-tenancy, isolation failures, and shared-infrastructure threats that matter beyond confidential computing alone.
CSCI 699: Confidential Computing covers trusted execution environments, confidential virtual machines, confidential GPUs, and privacy-preserving computation. The SEPT Lab page provides the broader lab context for this research area.
For adjacent research directions, see Verifiable AI and AI Agent Security. The full publication list is available on the homepage publications section.