Process attestation systems verify that a continuous physical process, such as human authorship, actually occurred, rather than merely checking system state. These systems face a fundamental dependability challenge: the evidence collection infrastructure must remain available and tamper-resistant even when the attesting party controls the platform. Trusted Execution Environments (TEEs) provide hardware-enforced isolation that can address this challenge, but their integration with continuous process attestation introduces novel resilience requirements not addressed by existing frameworks. We present the first architecture for continuous process attestation evidence collection inside TEEs, providing hardware-backed tamper resistance against trust-inverted adversaries with graduated input assurance from software-channel integrity (Tier 1) through hardware-bound input (Tier 3). We develop a Markov-chain dependability model quantifying Evidence Chain Availability (ECA), Mean Time Between Evidence Gaps (MTBEG), and Recovery Time Objectives (RTO). We introduce a resilient evidence chain protocol maintaining chain integrity across TEE crashes, network partitions, and enclave migration. Our security analysis derives formal bounds under combined threat models including trust inversion and TEE side channels, parameterized by a conjectural side-channel leakage bound esc that requires empirical validation. Evaluation on Intel SGX demonstrates under 25% per-checkpoint CPU overhead (<0.3% of the 30 s checkpoint interval), >99.5% Evidence Chain Availability (ECA) (the fraction of session time with active evidence collection) in Monte Carlo simulation under Poisson failure models, and sealed-state recovery under 200 ms.

翻译：过程认证系统验证人类作者身份等连续物理过程是否真实发生，而非仅检查系统状态。这类系统面临根本性的可信性挑战：即使认证方控制着平台，证据收集基础设施也必须保持可用且防篡改。可信执行环境（TEE）提供的硬件强制隔离可应对这一挑战，但将其与连续过程认证相结合，会引入现有框架尚未解决的新的弹性需求。我们提出了首个在TEE内部实现连续过程认证证据收集的架构，通过硬件支持的防篡改能力抵御信任反转攻击者，并采用分级输入保证，从软件通道完整性（第一级）延伸至硬件绑定输入（第三级）。我们开发了基于马尔可夫链的可信性模型，量化证据链可用性（ECA）、平均证据间隙时间（MTBEG）和恢复时间目标（RTO）。我们引入了弹性证据链协议，可在TEE崩溃、网络分区和飞地迁移期间保持链完整性。我们的安全分析在联合威胁模型（包括信任反转和TEE侧信道）下推导出形式化边界，该边界由需经验验证的推测性侧信道泄漏边界esc参数化。在Intel SGX平台上的评估表明：每个检查点CPU开销低于25%（占30秒检查点间隔的<0.3%）；在泊松故障模型的蒙特卡洛模拟中，证据链可用性（ECA）（即会话期间活跃证据收集的时间占比）超过99.5%；密封状态恢复时间低于200毫秒。