Liu, YinDhar, SiddharthTilevich, Eli2023-01-232023-01-232022-06-010164-1212http://hdl.handle.net/10919/113352A Trusted Execution Environment (TEE) provides an isolated hardware environment for sensitive code and data to protect a system's integrity and confidentiality. As we discovered, programmers tend to overuse TEE protection. When they place non-sensitive code in TEE, the trusted computing base (TCB) grows unnecessarily, leading to long execution latencies and large attack surfaces. To address this problem, we first study a representative sample of open-source projects to uncover how TEE is utilized in real-world software. To facilitate the process of removing non-sensitive code from TEE, we introduce TEE Insourcing, a new type of software refactoring that identifies and removes the unnecessary program parts out of TEE. We implemented TEE Insourcing as the TEE-DRUP framework, which operates in three phases: (1) a variable sensitivity analysis designates each variable as sensitive or non-sensitive; (2) a TEE-aware taint analysis identifies non-sensitive TEE-based functions; (3) a fully-declarative program transformation automatically moves these functions out of TEE. Our evaluation demonstrates that our approach is correct, effective, and usable. By deploying TEE-DRUP to discover and remove the unnecessary TEE code, programmers can both reduce the TCB's size and improve system performance.16 page(s)application/pdfenIn CopyrightTEEProgram analysisCode transformationSTATIC ANALYSISArticle - Refereed2023-01-20https://doi.org/10.1016/j.jss.2022.111253188Tilevich, Eli [0000-0003-2415-6926]1873-1228