Confidential Computing (CC) based on virtualization, such as Intel TDX and AMD SEV-SNP introduced in the 2022 to 2023 timeframe, combines memory encryption, attestation and special CPU operating modes to protect data in use from accesses by administrators and service providers. I have studied and tracked the maturity and usability of CC by analyzing publications, specifications and market reports, as well as by interviewing more than 40 professionals from more than 20 organizations. My public report available at the HAL open science archive (HAL ID 05504115, Feb. 2026, see link below) underpins a growing sense of urgency for adopting the technology to mitigate rising cybersecurity risks and support regulatory requirements. As CC relies on the implementation by the hypervisor and the Virtual Machine Monitor (VMM), such as Linux KVM with the open-source Cloud Hypervisor VMM, we at Cyberus consider CC as a strategic area for business development.
The non-public part of the analysis includes my performance characterization of compute and memory-bound phases with CC enabled using (micro-)benchmarks, such as STREAM, memory latency under load, OpenMP pragma overhead, OpenBLAS and HPCG.
Sectors that need to process classified information subject to the German Verschlusssachenanweisung by the BSI (German Federal Office for Information Security) rely on accredited products for their IT. Cyberus Technology pursues the accreditation of the Cyberus Hypervisor component, a defined combination of Linux KVM with the open-source Cloud Hypervisor, for handling classified information at VS-NfD level (Verschlusssache - nur für den Dienstgebrauch). I have contributed to the documentation of the guidance for IT integrators.
M. Gries: Confidential Computing Revisited: Usability, Market, Standpoints and Trends, Technical Report, Cyberus Technology GmbH, Germany, Feb. 2026, pdf at HAL open science archive: HAL open science hal-05504115