Security Enclave IP Based On RISC-V
By Jon Jacobsen, Silex Insight
If you are designing systems based on a RISC-V architecture, for example to run highly connected applications, you want to include tight, future-proof security. Both for your customers’ experience and your reputation, you want to avoid a breach of security – leaking private data or even changing the functionality. Therefore, security should be part of the fabric of your system.
SECURITY SHOULD BE TAKEN INTO ACCOUNT FROM THE VERY FIRST DESIGN NOTES, NOT AS AN AFTERTHOUGHT TO BE ADDED WITH A FEW DROPS OF SOFTWARE.
Luckily, the RISC-V architecture offers a solid ground for security. In addition, there are several companies that have designed ready-made IP blocks that you can integrate with RISC-V designs. One such provider is Silex Insight, the recognized leader in the field of hardware blocks for security and cryptography. Especially for the RISC-V community, its experts have developed a security enclave solution ready to safeguard your processor and the applications it runs from malicious intrusion and manipulation.
What makes RISC-V so appealing?
RISC-V is an instruction set architecture (ISA) based on established principles for reduced instruction set computers (RISC). Unlike most other ISA designs, the RISC-V ISA is provided under free, open-source licenses. Lately, it is gaining traction and a fast-growing number of companies have announced or started offering RISC-V hardware.
RISC-V IS A FREE AND OPEN ISA ENABLING A NEW ERA OF PROCESSOR INNOVATION THROUGH OPEN STANDARD COLLABORATION.
The appeal of RISC-V is clear: in contrast to alternative architectures from leading vendors, it supports building innovative, specialized microprocessor designs. It is flexible and modular, and so it bypasses one-size-fits-all designs full of prepackaged features and capabilities that you may not need, but that cost your applications dearly in terms of performance and energy usage. Compared to proprietary RISC architectures, RISC-V, thanks to its open-source nature, combines this high level of flexibility with a much lower cost.
No wonder it attracts a growing number of companies that want to produce custom chips. Such RISC-V chips are eventually also expected to appear in traditional computing. Their real added value, however, will be in driving the connected applications that make up the Internet of Things (IoT) and the Industrial IoT (IIoT), applications that include home appliances and wearables, medical devices and implantables, robotics and automated factory equipment, and also autonomous vehicles.
A glaring issue for embedded IoT/IIoT systems: security
If we have learned anything from the recent history of connected devices, it is their vulnerability to all types of accidental and malicious misuse.
Even such sensitive applications as heart implants, car key fobs, or nuclear power plant equipment have been proven to be vulnerable. High-volume applications such as household appliances, camera image sensors, or even hard disk controllers form an especially attractive attack surface for hackers.
ALL THESE EXAMPLES READILY SHOW THE IMPORTANCE OF SAFEGUARDING THE AUTHENTICITY, CONFIDENTIALITY, AND INTEGRITY OF APPLICATIONS RUNNING ON YOUR CHIPS.
Not doing so may cause damage, or in some cases even physical incidents. Furthermore, intellectual property might be copied, leaked, or compromised, causing a loss of competitive advantage. All this can result in litigation cases, compensation fees, and, ultimately, damage to your reputation and bottom line.
Why software alone is not up to the task
The required level of security for a processor depends on many factors that may often only become clear once it is up and running.
DEPENDING ON SOFTWARE ALONE TO PROTECT A PROCESSOR AND ITS APPLICATIONS MAY NOT BE THE BEST IDEA
Software is most often the layer that is added last, and the temptation looms large to delay all decisions about security to the moment the processor is ready. That, however, resembles building a house without solid walls and locks and then depending on written warnings to deter intruders.
Also, if the cryptography is to be run entirely in software and the application performs frequent authentication and moderate to heavy cryptographic work, the processor may at times be loaded to 80-100% with the necessary calculations.
This may seriously degrade the performance of the applications, halting them altogether at times. Software cryptography may also leak more critical information, making it easier for hackers to stage successful attacks. Even when no secret is directly exposed, software operations remain more prone to side-channel attacks.
Therefore, it is wiser to implement security in the hardware and to consider doing so from the get-go. Such a secure and efficient solution requires a well-thought-out process: one that starts the security analysis at the very beginning of the development cycle, before any specific development or coding has begun, and that also considers issues such as how to store keys, securely update a device, debug securely, and repair without security risks.
Security in hardware, relieving you from security headaches
RISC-V has a native set of solid security mechanisms, including 4-ring trust, secure interrupt processing, and a mechanism for physical memory protection (PMP). To add to that, many companies have released solutions in the form of extensions and hardware IP blocks. These include cryptographic libraries, roots of trust, and security vaults. They can be taken into account and added early on in the design process and relieve you of security headaches.
One of the most comprehensive solutions is the one offered by Silex Insight. A true security vault and root-of-trust core, it can serve as the basis to secure almost all applications, including IoT, edge sensors, storage devices, or communication.
Called eSecure, the solution sets up a separate RISC-V secure CPU. It comes with its own secure storage, peripherals, RAM, etc., and exposes secure APIs to the host, which can call on its authentication and cryptographic services without ever getting access to the system’s secrets.
eSecure comes loaded with features
Each of these may be found in other dedicated solutions, but here they are tuned together to provide a comprehensive security solution:
- DEVICE UNIQUE IDENTITY
For each device, a key may be generated based on the unique properties of the underlying hardware. Such physical unclonable functions (PUFs) are the device’s unique, unforgeable fingerprint.
- SECURE BOOT
A secure boot process ensures that only correct, unaltered software is run.
- SECURE STORAGE
The keys can be stored securely, in hardware, and will not leave the module.
- SIDE-CHANNEL ATTACK PROTECTION
There is protection against side-channel attacks, where the perpetrators would try to exploit the physical properties of the system such as energy usage to deduce the system’s secrets and gain access.
Attempts to tamper with the device will be detected and logged.
- WIDE VARIETY OF CRYPTOGRAPHIC FUNCTIONS
There’s a mechanism to securely offload authentication and encryption functionality. This is based on a comprehensive library that supports the latest standards and algorithms, including, for example, those that are required on the Chinese market.
- SECURE DEBUGGING AND OTA UPDATES
eSecure comes with a mechanism for secure debugging and updating (OTA, Over the Air).
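The following toy model illustrates the architecture described above (a separate secure core whose API hands the host opaque key handles, never key material) together with the device-identity, secure-storage, secure-boot and tamper-logging features in the list. It is an added example written for this article, not Silex Insight's eSecure code; the PUF response, OEM key and firmware image are constructed values, and HMAC-SHA256 stands in for whatever algorithms a real enclave would use.

```python
import hmac
import hashlib

SIGN, VERIFY = "sign", "verify"   # key-usage policies enforced inside the enclave

class SecurityEnclave:
    def __init__(self, puf_response: bytes):
        # Device-unique root derived from a (simulated) PUF response; never exported.
        self._root = hashlib.sha256(b"root-key|" + puf_response).digest()
        self._keys = {}   # handle -> (key bytes, allowed usage); the host only sees handles
        self.log = []     # (event, handle): rejected boots and policy violations

    def provision_key(self, key: bytes, usage: str) -> int:
        # Factory provisioning (e.g. the verify-only boot key); returns an opaque handle.
        self._keys[len(self._keys) + 1] = (key, usage)
        return len(self._keys)

    def derive_key(self, label: bytes) -> int:
        # Device-identity key derived from the PUF root, usable only for signing.
        return self.provision_key(hmac.new(self._root, label, hashlib.sha256).digest(), SIGN)

    def _key_for(self, handle: int, usage: str) -> bytes:
        key, allowed = self._keys.get(handle, (None, None))
        if key is None or allowed != usage:
            self.log.append(("usage-violation", handle))
            raise PermissionError(f"handle {handle} not usable for {usage}")
        return key

    def mac(self, handle: int, data: bytes) -> bytes:
        # Authentication service for the host, e.g. attesting a challenge nonce.
        return hmac.new(self._key_for(handle, SIGN), data, hashlib.sha256).digest()

    def verify_boot_image(self, handle: int, image: bytes, tag: bytes) -> bool:
        # Secure boot: constant-time tag comparison; rejections are logged.
        expected = hmac.new(self._key_for(handle, VERIFY), image, hashlib.sha256).digest()
        ok = hmac.compare_digest(expected, tag)
        if not ok:
            self.log.append(("boot-rejected", handle))
        return ok

def demo():
    oem_boot_key = b"\x11" * 32                            # constructed; stays at the factory
    enclave = SecurityEnclave(puf_response=b"\x5a" * 32)   # constructed PUF output
    boot = enclave.provision_key(oem_boot_key, VERIFY)
    image = b"firmware v1.0"                               # constructed boot image
    tag = hmac.new(oem_boot_key, image, hashlib.sha256).digest()   # computed at the factory
    genuine = enclave.verify_boot_image(boot, image, tag)
    tampered = enclave.verify_boot_image(boot, image + b"\x00", tag)
    # enclave.mac(boot, ...) would raise PermissionError: the host cannot mint boot tags.
    attest = enclave.mac(enclave.derive_key(b"device-id"), b"nonce-1234")
    return genuine, tampered, attest, enclave.log
```

Two enclaves built from the same PUF response reproduce the same identity key, while a different PUF response yields a different one, so the attestation MAC is bound to the physical device.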
To give you even more ease of mind, the algorithms come with several highly trustworthy certifications. All relevant algorithms have a NIST CAVP certification; up to FIPS 140-2 level 3 has been achieved. For the payment card industry, the solution is PCI DSS certified. There is an OSCCA certification for the Chinese market, and eSecure can be engineered into automotive HSM solutions (ISO 26262).
To cater to a variety of customers, use cases, and applications, the eSecure module is highly configurable and offers a variety of options in terms of security functions, performance, area, and power consumption. As a result, it can be fit precisely to your needs, resulting in the best trade-off and lowest production cost.
Let’s make RISC-V processors synonymous with security
Processors based on RISC-V are projected to assume a growing share of the connected IoT and IIoT markets. However, they can only do so if they provide tight security to guard the confidentiality and integrity of applications and data.
Hardware IP blocks, such as those from Silex Insight, form an efficient and elegant way to provide that security.
WITH THESE SOLUTIONS, SYSTEM INTEGRATORS AND APPLICATION BUILDERS CAN DESIGN A TRUSTED, SECURE PROCESSOR THAT RELIEVES THEM OF MUCH OF THE SECURITY HEADACHE AND MAKES THEIR APPLICATIONS READY FOR EVEN THE MOST DEMANDING AND REGULATED ENVIRONMENTS.
If you’d like to discuss solutions and challenges and see where eSecure could fit into your development, please contact us today.
About Silex Insight
Silex Insight is a recognized market-leading independent supplier of Security IP solutions for embedded systems and custom OEM solutions for AVoIP/Video IP codec. The security platforms and solutions from Silex Insight include flexible and high-performance crypto-engines which are easy to integrate and an eSecure IP module that provides a complete security solution for all platforms. For custom OEM solutions for AVoIP/Video IP codec, Silex Insight provides high-end image and video compression solutions for distributing low latency, 4K HDR video over IP. Development takes place at the headquarters near Brussels, Belgium.