RAM Laboratories is proposing the Embedded Secure Hypervisor with Integrated Privilege Separation (ESHIPS), which utilizes hardware features inherent in ARMv8 architectures to enable the creation of multiple Secure Execution Environments (SEEs) while thwarting attempts to circumvent the SEE through lightweight intra-level privilege separation techniques. The resulting SEEs can then be used to store security critical code or data, preventing adversaries from exploiting zero-day vulnerabilities that allow them to access Critical Program Information (CPI) while minimizing the performance impact on applications. Approved for Public Release | 19-MDA-10270 (18 Nov 19)