From Hardware to Artifact: Trusted Software Builds with Remote Attestation
16 October 2025
Software supply chain attacks, such as the SolarWinds breach, have exposed the risks of compromised build environments, where attackers can inject malicious code or tamper with provenance records. While build provenance helps track artifact creation, it cannot guarantee trust unless the build environment itself is secure, particularly in cloud-based virtualized systems that are vulnerable to host or hypervisor-level attacks. We present a hardware-backed architecture designed to secure cloud-based virtual machine (VM) build environments by leveraging confidential computing to minimize the Trusted Computing Base (TCB). Our solution builds upon AMD SEV-SNP and Secure Boot to establish a strong root of trust for the build platform. We combine hardware-based remote attestation for verifiable system state reporting with runtime enforcement using Linux Integrity Measurement Architecture (IMA) and Security-Enhanced Linux (SELinux). This ensures that builds are executed only within trusted, tamper-resistant environments, and that provenance records are cryptographically bound to a hardware root of trust. We evaluate our approach on confidential VMs and demonstrate that it offers strong security guarantees with low performance overhead.
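To make the last two sentences of the abstract concrete, the following is an added illustration (not code from the paper or its authors) of how a verifier can check that a provenance record is cryptographically bound to a hardware attestation report. It simulates the SEV-SNP pattern of placing user data in the report's 64-byte REPORT_DATA field: the guest puts sha256(provenance) || sha256(nonce) there, the platform signs the report, and the verifier accepts the build only if the report signature, the launch measurement, the policy flags and the bound provenance hash all check out. The platform signing key, the trusted measurement allowlist, the provenance fields and the report layout are all constructed assumptions; a real SNP report is ECDSA-signed with the AMD-issued VCEK and verified against AMD's certificate chain, which is replaced here by an HMAC so the example runs offline with only the standard library.

```python
import hashlib
import hmac
import json
import secrets

# Constructed stand-in for the platform signing key. Real SEV-SNP reports are
# ECDSA-signed with the VCEK; an HMAC key is used here only so the example
# runs offline with the standard library.
PLATFORM_KEY = b"constructed-platform-key-not-a-real-vcek"

# Constructed allowlist of acceptable launch measurements (hex). A real verifier
# derives these from the known-good firmware, kernel and initrd of the build VM.
GOOD_MEASUREMENT = hashlib.sha384(b"constructed known-good build VM image").hexdigest()
TRUSTED_MEASUREMENTS = {GOOD_MEASUREMENT}


def canonical(obj) -> bytes:
    """Deterministic JSON encoding so signer and verifier hash identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def report_data_for(provenance: dict, nonce: bytes) -> str:
    """64 bytes of user data (the size of SEV-SNP's REPORT_DATA field):
    sha256(provenance) || sha256(nonce), hex-encoded. The nonce is chosen by
    the verifier so a captured report cannot be replayed for a later build."""
    return (hashlib.sha256(canonical(provenance)).digest()
            + hashlib.sha256(nonce).digest()).hex()


def issue_report(measurement_hex: str, provenance: dict, nonce: bytes,
                 debug: bool = False) -> dict:
    """Simulated guest-side request: the platform signs the measured state
    together with the user-supplied report data."""
    body = {
        "measurement": measurement_hex,          # launch digest of the VM
        "policy": {"debug": debug},              # SNP policy DEBUG bit (must be off)
        "report_data": report_data_for(provenance, nonce),
    }
    sig = hmac.new(PLATFORM_KEY, canonical(body), hashlib.sha384).hexdigest()
    return {"body": body, "signature": sig}


def verify_build(report: dict, provenance: dict, nonce: bytes) -> tuple[bool, str]:
    """Accept a build artifact only if its provenance is bound to a genuine
    report from a trusted, non-debug VM. Returns (accepted, reason)."""
    body = report["body"]
    expected_sig = hmac.new(PLATFORM_KEY, canonical(body), hashlib.sha384).hexdigest()
    if not hmac.compare_digest(expected_sig, report["signature"]):
        return False, "bad report signature"
    if body["measurement"] not in TRUSTED_MEASUREMENTS:
        return False, "untrusted measurement"
    if body["policy"]["debug"]:
        return False, "debug policy enabled"
    if not hmac.compare_digest(body["report_data"], report_data_for(provenance, nonce)):
        return False, "provenance not bound to report"
    return True, "ok"


if __name__ == "__main__":
    # Constructed provenance statement for one build.
    nonce = secrets.token_bytes(32)
    prov = {"builder": "cvm-build-1", "subject": "app.tar.gz",
            "subject_sha256": hashlib.sha256(b"constructed artifact").hexdigest()}
    rep = issue_report(GOOD_MEASUREMENT, prov, nonce)
    print("genuine:", verify_build(rep, prov, nonce))
    tampered = dict(prov, subject_sha256="00" * 32)
    print("tampered provenance:", verify_build(rep, tampered, nonce))
```

The order of the checks matters: the signature is verified before any field of the report is trusted, the measurement and policy decide whether the environment itself is acceptable, and only then is the provenance hash compared, so a correct provenance record coming from an untrusted or debug-enabled VM is still rejected.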
Venue: Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses (SCORED'25), co-located with CCS'25
File name: scored25-2-camera-ready.pdf