Kun Lu

Kun Lu

Research Assistant at COMPASS Lab

Homepage

I am Kun Lu, a Research Assistant at COMPASS Lab, Southern University of Science and Technology (SUSTech), where I am supervised by Prof. Fengwei Zhang. I also received my Master’s degree from SUSTech. Before that, I obtained my Bachelor’s degree in Computer Science and Technology from Jilin University.

Note: Currently, I am seeking a research internship related to system security, confidential computing, hardware-software co-design, and GPU security.

Research Interests

I focus on building secure systems utilizing hardware-software co-design methods. My previous research centered on enhancing the security and usability of confidential computing. I have built systems to mitigate security vulnerabilities in CVM frameworks, offer security services on TrustZone, and enable confidential xPU computing tasks.

In the future, I plan to pursue a Ph.D. to build secure and efficient systems under real-world workloads (e.g., serverless computing, AI). I am looking forward to a self-motivated professor, who is looking forward to self-motivated students.

Publications

Building Confidential Accelerator Computing Environment for Arm CCA
To Appear In IEEE Transactions on Dependable and Secure Computing (TDSC’25), 2025.
Chenxu Wang, Kun Lu, Fengwei Zhang, Yunjie Deng, Kevin Leach, Jiannong Cao, Zhenyu Ning, Shoumeng Yan, Tao Wei, and Zhengyu He

Decoupling Confidential VMs from the Hypervisor via Secure Domain Resource Management
Under review at 47th IEEE Symposium on Security and Privacy (S&P’26)
Kun Lu, Nian Liu, Fengwei Zhang

An Isolation Framework for Security Services on TrustZone
Under review at the 63rd Annual Design Automation Conference (DAC’26)
Nian Liu, Kun Lu, Fengwei Zhang

Project Experiences

One Student One Chip

I built a RISC-V 5-stage in-order core with an Sv39 MMU, supporting Integer and Multiplication extensions. To debug the core, I developed an RV64 emulator in C for differential testing against the core. I successfully ran the RT-Thread OS on the core and obtained a tape-out opportunity.

Repo Link

PLCT Intern

In April 2023, I started working with ZenithalHourlyRate on interrupt controller projects. However, I temporarily left the team due to RocketChip’s decision to minimize the addition of new features and funding issues related to PLCT. In the summer of 2024, I returned to the team to work on enabling S-mode in the vector processor T1, which originally only supported M-mode.

GPGPU-Sim Architecture Understanding

I systematically analyzed the code related to Stream Multiprocessors (SMs) in GPGPU-sim, a well-known GPU simulator. Based on the source code, I illustrated the SM architecture and categorized the overhead into four parts: load overhead, store overhead, scheduling overhead, and execution overhead. I then analyzed the CUDA program on GPGPU-sim, which demonstrated that the load/store overhead can be effectively hidden by the execution time.

About me

In my spare time, I like petting stray dogs, watching anime, wandering around with my camera, and singing.