Artifact for paper "Trust Nothing: RTOS Security without Run-Time Software TCB" (USENIX Sec'26)

Artifacts for the paper "Trust Nothing: RTOS Security without Software TCB".

The paper implements Northcape, a novel capability architecture implemented at system bus level, in an SoC that targets an FPGA platform (Bredi). Northcape is combined with Skadi, a capability-aware real-time operating system. Together, Bredi and Skadi solve the problem of access control on embedded devices in the presence of untrusted applications, kernels and devices with real-time capability without requiring a run-time software TCB.

The artifact contains the sources, build scripts and build instructions for Skadi, Bredi and their insecure benchmark references. Furthermore, it contains instructions on how to replicate the experiments conducted in the paper alongside the logs of our original executions.