Update README.md (#100)

Add information about new papers

Author: wojciechozga

README.md

@@ -6,14 +6,14 @@
 ACE-RISCV is an open-source project, whose goal is to deliver a confidential computing framework with a formally proven security monitor. It is based on the [canonical architecture](https://dl.acm.org/doi/pdf/10.1145/3623652.3623668) and targets RISC-V with the goal of being portable to other architectures. The formal verification efforts focus on the [security monitor implementation](security-monitor/). We invite collaborators to work with us to push the boundaries of provable confidential computing technology.
 
 **Formal verification:**
-This project implements the RISC-V CoVE spec's deployment model 3 referenced in [Appendix D](https://github.com/riscv-non-isa/riscv-ap-tee/blob/main/). The formal specification is embedded in the security monitor's source code and the proofs are in the [verification/](verification/) folder. Please read our [paper](https://dl.acm.org/doi/pdf/10.1145/3623652.3623668) to learn about the approach and goals.
+This project implements the RISC-V CoVE spec's deployment model 3 referenced in [Appendix D](https://github.com/riscv-non-isa/riscv-ap-tee/blob/main/). The formal specification is embedded in the security monitor's source code and the proofs are in the [verification/](verification/) folder. Please read our [paper1](https://arxiv.org/pdf/2505.12995) and [paper2](https://dl.acm.org/doi/pdf/10.1145/3623652.3623668) to learn about the approach and goals.
 
 **Post-Quantum Cryptography (PQC) and Attestation**: ACE supports local attestation, a mechanism to authenticate confidential VMs intended for embedded systems with limited or no network connectivity. We already support PQC, specifically we use ML-KEM, SHA-384, and AES-GCM-256 cryptography.
 
 ## Hardware requirements
 We are currently building on RISC-V 64-bit with integer (I), atomic (A) and hypervisor extentions (H), physical memory protection (PMP), memory management unit (MMU), IOPMP, core-local interrupt controller (CLINT), and supervisor timecmp extension (Sstc).
 
-**Real RISC-V hardware to run ACE:**
+**RISC-V hardware to run ACE:**
 * SiFive P550 evaluation board, [see instructions](security-monitor/platform/p550).
 
 ## Quick Start
@@ -128,47 +128,20 @@ You should see the output from the boot process and a promt to login to the hype
 # login: root, password: passwd
 ```
 
-To run the sample Linux OS as a confidential VM (login: root, password: passwd) execute.
-This demonstrates automatic promotion of a VM to TVM:
+To run the sample Linux OS as a confidential VM (login: root, password: passwd) execute:
 ```
 ./run_linux_vm_qemu.sh
 ```
 
-Run the sample Linux OS as a confidential VM using kvmtool.
+You should see the output indicating that local attestation suceeded:
 ```
-./run_linux_vm_kvmtool.sh
-```
-
-## Local attestation
-Local attestation allows you to expose secrets (e.g., dm-crypt/LUKS key, TLS pre-shared key, etc) to your confidential VM in a secure way.
-
-Collect reference measurements of your virtual machines, like kernel, initrd, initial boot hart state.
-Below as, an example, we just collect the kernel measurement (for automatic promotion):
-```
-cove-tap-tool measure --kernel-file $ACE_DIR/confidential_vms/linux_vm/buildroot/images/Image
-# Example output:
-# Digest 0x86774eec200ca6552cbc50211e4b32e7a4ba815c190d56b11ffabc8df1ebb6d9c41d04a64099d860b90c65729a28ded8
-```
-
-Create a TVM attestation payload (TAP) that contains a secret (0xc0ffee), which will be release to confidential VMs whose measurement in PCR4 equals the reference measurement of your kernel.
-Please note that in real systems you would define values of more PCRs to ensure the integrity of the firmware, security monitor, initrd, etc.
-```
-cove-tap-tool generate --output-file=$ACE_DIR/cove_tap --pcrs 4=0x86774eec200ca6552cbc50211e4b32e7a4ba815c190d56b11ffabc8df1ebb6d9c41d04a64099d860b90c65729a28ded8 --secrets 0=0xc0ffee
-# Example output:
-# Writing PCR4=86774eec200ca6552cbc50211e4b32e7a4ba815c190d56b11ffabc8df1ebb6d9c41d04a64099d860b90c65729a28ded8
-# Writing secret 0
-```
-
-Attach the TAP to the kernel image:
-```
-cove-tap-tool append --tap-file=$ACE_DIR/cove_tap --kernel-file=$ACE_DIR/confidential_vms/linux_vm/buildroot/images/Image
+#ACE: Reference PCR4=Sha512=0x86774eec200ca6552cbc50211e4b32e7a4ba815c190d56b11ffabc8df1ebb6d9c41d04a64099d860b90c65729a28ded8
+#ACE: Attestation succeeded, read 1 secret
 ```
 
-Run again the hypervisor and then your confidential VM (see section `Run and Test`).
-You should see the output
+You can login now to the confidential VM:
 ```
-#ACE: Reference PCR4=Sha512=0x86774eec200ca6552cbc50211e4b32e7a4ba815c190d56b11ffabc8df1ebb6d9c41d04a64099d860b90c65729a28ded8
-#ACE: Attestation succeeded, read 1 secret
+# login: root, password: passwd
 ```
 
 You can read the secret from the inside of the confidential VM:
@@ -194,6 +167,17 @@ This repository is distributed under the terms of the Apache 2.0 License, see [L
 **This is an active research project, without warranties of any kind.**
 
 # Citation
+**Our newest full paper on ACE:**
+```
+@misc{ozga2025ace,
+    author = {Ozga, Wojciech and Hunt, Guerney D. H. and Le, Michael V. and Gaeher Lennard and Shinnar, Avraham and Palmer, Elaine R. and Jamjoom, Hani and Dragone, Silvio},
+    title = {ACE: Confidential Computing for Embedded RISC-V Systems},
+    year = 2025,
+    howpublished = {\url{https://arxiv.org/pdf/2505.12995}}
+}
+```
+
+**Our workshop paper on ACE:**
 ```
 @inproceedings{ozga2023riscvtee,
     title={Towards a Formally Verified Security Monitor for VM-based Confidential Computing},
@@ -203,3 +187,13 @@ This repository is distributed under the terms of the Apache 2.0 License, see [L
     year={2023}
 }
 ```
+
+**Our paper on context switch validation:**
+```
+@misc{kalani2025sailor,
+    author = {Kalani, Neelu and Bourgeat, Thomas and Hunt, Guerney D.H. and Ozga, Wojciech},
+    title = {Save what must be saved: Secure context switching with Sailor},
+    year = 2025,
+    howpublished = {\url{https://arxiv.org/pdf/2502.06609}}
+}
+```