Trusted Execution Environments (TEEs) are a feature of modern central processing units (CPUs) that aim to provide a high assurance, isolated environment in which to run workloads that demand both confidentiality and integrity. Hardware and software components in the CPU isolate workloads, commonly referred to as Trusted Applications (TAs), from the main operating system (OS). This article aims to analyse the TEE ecosystem, determine its usability, and suggest improvements where necessary to make adoption easier. To better understand TEE usage, we gathered academic and practical examples from a total of 223 references. We summarise the literature and provide a publication timeline, along with insights into the evolution of TEE research and deployment. We categorise TAs into major groups and analyse the tools available to developers. Lastly, we evaluate trusted container projects, test performance, and identify the requirements for migrating applications inside them.

翻译：可信执行环境（TEE）是现代中央处理器（CPU）的一项功能，旨在提供高保证性的隔离环境，用于运行需要同时满足机密性和完整性的工作负载。CPU中的硬件和软件组件将工作负载（通常称为可信应用，TA）与主操作系统（OS）隔离。本文旨在分析TEE生态系统，评估其可用性，并在必要时提出改进建议以降低其使用门槛。为深入理解TEE的实际应用，我们从总计223篇参考文献中收集了学术与实践案例。我们总结相关文献并绘制了出版时间线，同时提供了对TEE研究与部署演进的见解。我们将可信应用划分为主要类别，并分析了开发人员可用的工具。最后，我们评估了可信容器项目，测试了性能表现，并明确了将应用迁移至其中的必要条件。