NUCLEI and TrustKernel Announce Strategic Partnership to Launch RISC-V-based TEE Security Solution for AIoT

November 20, 2019,NUCLEI and TrustKernel announced a comprehensive and deep strategic partnership to cooperate in developing a trusted execution environment (TEE, Trusted Execution Environment) for AIoT security based on RISC-V architecture. Based on the “Ponlai Enclave” TEE solution, which was first announced at the RISC-V Shenzhen Forum, it provides security hardening for AIoT chips and solution partners.

TEE is essential in AIoT

With the development and popularity of AIoT and the emergence of high-speed and low-latency connectivity means such as 5G, more and more innovative applications have become possible, for example, from smart retail, flexible manufacturing, smart networked cars, telemedicine, etc., bringing more and more convenience to our lives and various possibilities for the future. However, while the emergence of a large number of application scenarios has brought about massive numbers of devices and trillions of connections, it has also brought about security risks. For example, the user’s phone or password lock is cracked by spoofing biometric technology, the user’s privacy is stolen for system vulnerabilities caused by hardware and software defects, and the transmission data between the device and the cloud is intercepted through insecure connections. In minor cases, privacy information is leaked, and in serious cases, it may lead to the control of important security facilities and thus lead to serious casualties. Therefore, security-related needs such as how to prevent malicious programs from stealing or tampering with user privacy, how to detect and protect against intrusions, and how to implement secure OTA (Over-The-Air) are becoming more and more urgent.

To meet these security needs, the Trusted Execution Environment (TEE), a combination of hardware and software, was created to effectively protect the code and data security and integrity of the applications loaded in it, and is an integral part of securing AIoT systems and applications.

NUCLEI and TrustKernel join forces to create a tailor-made TEE security solution for RISC-V - “PengLai”

The RISC-V instruction set architecture is expected to become the standard instruction set architecture in AIoT community as it meets the differentiated needs of different application scenarios through its openness and flexible extensions, and is widely supported by industry and community. In order to bring TEE solutions to the RISC-V world with both security and performance, NUCLEI, TrustKernel and Shanghai Jiao Tong University have jointly created the “PengLai Enclave” TEE security solution in RISC-V, which combines NUCLEI’s strengths in The solution combines NUCLEI’s strengths in RISC-V processors and TrustKernel’s strengths in security system software to provide a securely isolated “PengLai” island for AIoT applications to protect their critical data.

With the launch of “PengLai”, NUCLEIRISC-V security processor will fully promote and help customers from chip to application related security technology implementation, combined with TrustKernel’s security system software, providing customers with:

  • Hardware-level isolation technology to prevent malicious applications from viewing, stealing and viewing key, biometric-related private data;

  • Combined with NUCLEI’s command randomization mechanism, it effectively prevents all kinds of side channel attacks;

  • Combines security, flexibility and performance compared to traditional TEE solutions through a flexible strategy of shared and exclusive hardware space。


TrustKernelCEO Wenhao Li:

TrustKernel has been deeply involved in mobile and IoT security for many years, and TEE security products have been used in hundreds of millions of smart devices with ARM architecture. PengLaiEnclave is a security architecture formed by our insight into the needs of the RISC-V space and combined with years of mass production experience in the TEE industry, which replaces traditional solutions with forward-looking designs to ensure NUCLEI is an efficient and professional team, and the cooperation is very smooth. I believe that the cooperation with NUCLEI can bring more security to AIoT field, and I am looking forward to further cooperation in the future.


RISC-V was born in response to the needs of AIoT, so the security of RISC-V has been our concern since the beginning of the company, and we hope to bring better security to our customers and end users. We hope to provide our customers with more secure products as soon as possible.

For future cooperation prospect

In the future, NUCLEI and TrustKernel will provide richer and more complete security solutions for specific fields through in-depth cooperation with customers.


NUCLEI is the first professional RISC-V processor IP and solution company in mainland China, continuously focusing on RISC-V processor core development and leading the RISC-V industry ecology. NUCLEI has been at the forefront of RISC-V embedded processor R&D and industrialization in China, and is the first local company to achieve mass production of several RISC-V chips. NUCLEI is a silver-level member of RISC-V Foundation, vice chairman of China RISC-V Industry Alliance, and member of China Open Instruction Ecology (RISC-V) Alliance.

For more details, please visit:

About TrustKernel

TrustKernel, founded in 2015, is a leading global provider of security products and services for smart devices, committed to providing smart device vendors and application vendors with chip-based and system-level security products and solutions to protect the security of systems and applications. Since its establishment, TrustKernel has been deeply engaged in the field of chip and system security, insisting on the research of ARM, X86, RISC-V and other hardware architectures and continuously developing hardware and software security products, among which the trusted execution environment products have been applied in hundreds of millions of smart devices. Through its understanding and accumulation of chip and system security, TrustKernel will continue to cooperate with all parties in the industry chain to bring security systems and trusted execution environment solutions designed in collaboration with hardware and software to the RISC-V community to protect the massive application business.

For more details, please visit