Data Protection Vulnerabilities Assessment for Cross-Organizational Consistency Checking in TEE

Derui Zhu, Sebastian Bergemann, Mohammad Sadeghi, Colin Atkinson and Alexander Pretschner

Proceedings of the 8th Workshop on Modeling and Simulation of Software-Intensive Systems (MSSiS), to be published, April 2026

Abstract

Consistency checking—verifying that development artifacts are free of contradictions—is vital for designing complex and safety-critical cyber-physical systems (CPS). However, CPS development often involves multiple organizations sharing proprietary artifacts, such as partial models and design specifications, which raises concerns about information leakage. Trusted Execution Environments (TEEs) enable confidential computation across organizations without revealing plaintext data. However, side-channel attacks, implicit trust assumptions, and cross-organizational inference can still leak confidential information. This work analyzes confidentiality vulnerabilities in TEE-based cross-organizational consistency checking. We examine practical threat models and identify potential leakages throughout data provisioning, rule execution, and result sharing. To support systematic evaluation, we introduce DataGen, a technique that uses large language models to generate consistency rules and CPS artifacts across diverse application domains. Using DataGen, we benchmark data leakage risks in different TEE settings and highlight overlooked gaps in current protection mechanisms.