SEV, an extension to the AMD-V architecture, facilitates the execution of multiple virtual machines (VMs) controlled by a hypervisor. When SEV is enabled, the hardware tags all code and data with its VM ASID, identifying the originating or intended VM for the data. This tag remains attached to the data within the SOC at all times, ensuring that only the owner VM can access it.

Inside the SOC, the tag provides protection to VM data. However, data outside the SOC is secured by AES with 128-bit encryption. When data enters or exits the SOC, the hardware encrypts or decrypts it based on the associated tag's encryption key.

Each VM and the hypervisor have unique tags and encryption keys. This arrangement, combined with memory encryption, restricts data access solely to the VM associated with the relevant tag. In the event that anyone else, including the hypervisor, attempts to access the data, they will only see it in its encrypted form. This robust encryption-based isolation ensures strong cryptographic separation between VMs and between VMs and the hypervisor, bolstering overall system security.