SCONE is a runtime that is integrated into executables during the compilation process to run applications in Trusted Executions Environments (TEE) such as Intel SGX. Besides adding instrumentation to leverage TEEs, it also provides transparent file system encryption as well as secure communications. Applications are attested to verify if the code is indeed executed in an enclave of a TEE and has not been tampered with. In case the attestation succeeds, SCONE provides the applications with configuration as well as reassurance that confidential information and private keys will never get into human hands.
The SCONE framework is closed source, however, the community edition is publicly available for testing purposes etc. with a minimal set of features.
The SCONE runtime is part of the executable. It also interacts with the CAS (Configuration and Attestation Service) that is responsible for code attestation as well as secret and configuration provisioning.