Data Protection by Design in Healthcare for Smart Cities: A Hardware-based Pilot using ARM Morello Board
Resumo
Smart and sustainable cities increasingly depend on integration processes to exchange data across their digital services, such as primary healthcare services. In conventional execution environments, the sensitive data handled by these processes remains exposed in memory, creating opportunities for unauthorised access, data exfiltration, and loss of institutional control over data processing. This paper reports the development and execution of the integration of digital services in a pilot project of a hardware-based approach using the ARM Morello Board. Our solution executes the integration process in a CHERI-based trusted execution environment and uses execution-environment attestation so that digital services can verify execution conditions before authorising them.
Referências
ARM (2024). ARM Morello Program. [link]. Acc: 2026-01-05.
Bibri, S. E. and Krogstie, J. (2017). Smart sustainable cities of the future: An extensive interdisciplinary literature review. Sustainable Cities and Society, 31:183–212.
Brazilian Government (2018). General Data Protection Law (LGPD). [link]. Acc: 2026-01-05.
European (2016). General Data Protection Regulation (GDPR). [link]. Acc: 2025-09-12.
FUMSSAR (2026). FUMSSAR – Fundação Municipal de Saúde de Santa Rosa. [link]. Acc: 2026-03-11.
Gupta, P., Hooda, A., Jeyaraj, A., Seddon, J. J., and Dwivedi, Y. K. (2025). Trust, risk, privacy and security in e-government use: insights from a MASEM analysis. Information Systems Frontiers, 27(3):1089–1105.
Hamid, S. and Huda, M. N. (2025). Mapping the landscape of government data breaches: A bibliometric analysis of literature from 2006 to 2023. Social Sciences & Humanities Open, 11:101234.
Harrison, C., Eckman, B., Hamilton, R., Hartswick, P., Kalagnanam, J., Paraszczak, J., and Williams, P. (2010). Foundations for Smarter Cities. IBM Journal of Research and Development, 54(4):1–16.
Intel (2026). Intel Trust Domain Extensions (TDX). [link]. Acc: 2026-03-05.
Kaplan, D., Powell, J., and Woller, T. (2016). AMD Memory Encryption. In International Conference on Hardware/Software Codesign and System Synthesis, pages 1–6.
Sabt, M., Achemlal, M., and Bouabdallah, A. (2015). Trusted Execution Environment: what it is, and what it is not. In IEEE Trustcom/BigDataSE/Ispa, volume 1, pages 57–64.
Watson, R. N. M., Clarke, J., Davis, B., Witaszczyk, K., and Neville-Neil, G. V. (2026). Getting Started with CheriBSD 25.03: User level software compartmentalization (experimental). [link]. Acc: 2026-03-05.
Watson, R. N. M., Woodruff, J., Neumann, P. G., Moore, S. W., Anderson, J., Chisnall, D., Dave, N., Davis, B., Gudka, K., Laurie, B., Murdoch, S. J., Norton, R., Roe, M., Son, S., and Vadera, M. (2015). CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization. In IEEE Symposium on Security and Privacy, pages 20–37.
Zheng, W., Wu, Y., Wu, X., Feng, C., Sui, Y., Lu, X., and Zhou, Y. (2021). A Survey of Intel SGX and Its Applications. Frontiers of Computer Science, 15(3):153808.
