– Lead project to enable fully auditable, attestable firmware for confidential virtual machines (CVM) – a new Azure Iaas offering for security-sensitive workloads.

– Enhanced customer experience by developing Azure CLI extensions (Python) to prepare integrity protected OS disks, custom firmware and brought down VM pre deployment preparation time from 20minutes to 5minutes.

– Designed diagnostics tools, remote logging and stress testing framework (Python) to easily identify root cause of intermittent VM deployment failures and improved deployment reliability to 90%.

– Improved guest attestation report generation time and VM boot time by changing the firmware root file system from alpine to busybox and reducing filesystem size from 33MB to 18MB.

– Developed mutually attested TLS client-server modules, and file encryption modules (In C++) which served as reference applications for customers on Intel SGX platform.

Built a web-based utility tool (in Python, ReactJS) to recommend optimal erasure coding parameters for a given workload access pattern on AWS S3 using Amazon API gateway and AWS Lambda services.

– Enabled secure operating system on automotive chip sets using ARM Trust zone technology.

– Implemented access control APIs to protect memory regions exposed to subsystems on a SOC.