Security First: Implementing Trust by Design

Security First: Implementing Trust by Design

To protect against flaws such as Meltdown and Spectre, chipmakers are increasingly opting for the RISC-V security core as a solution.

Earlier this year, two vulnerabilities known as Meltdown and Spectre were independently disclosed by multiple security researchers. The flaws exploited critical vulnerabilities across a wide range of modern processors, including ones from Intel, ARM, and AMD.

When they were made public earlier this year, Meltdown and Spectre gained widespread attention. While they weren’t the first high-profile semiconductor security flaws we’ve seen, they represented a new class of vulnerabilities related to crucial performance features.

Meltdown and Spectre clearly demonstrate the risks of favoring performance over security, an approach that has seemingly been accepted in the semiconductor industry for decades. The industry is in desperate need of a new security paradigm that removes security-critical functionality from insecure processors.

Increasingly, chipmakers are looking at the open-source RISC-V architecture, which was unaffected by either vulnerability, as a solution to this new class of flaws. Now special-purpose processors are being built with security in mind.

Putting Security First with a RISC-V Security Core

To avoid vulnerabilities such as Meltdown and Spectre, we need processors that execute sensitive cryptographic and security functions in a secure core that’s physically separated from the primary CPU. With legacy architectures like x86 and ARM subject to known—and likely also unknown--vulnerabilities, basing these security cores on RISC-V can provide a strong root-of-trust for a wide range of applications and verticals.

Secure RISC-V cores that are siloed from the primary processor can securely run sensitive code, processes, and algorithms. These cores also can utilize advanced anti-tamper features to provide the highest level of security and protection against a wide range of sophisticated attacks, including key-injection and fault-injection (glitching) attacks, as well as offering a range of integrated countermeasures against side-channel attacks, including differential power analysis (DPA) .

Additional capabilities should include support for secure boot and runtime integrity, remote attestation, broad crypto acceleration for symmetric and asymmetric algorithms, dedicated secure memories, multiple roots-of-trust, as well as a comprehensive SDK and support for third-party security applications.

RISC-V security cores can help organizations offer solutions that begin with the chip-development process and continue throughout the entire device lifecycle. By establishing the trust chain early in the silicon manufacturing process, a secure core can enable trusted provisioning and robust auditing of security-related activity throughout all phases of the chip lifecycle.

In addition, a dedicated RISC-V security core can create new revenue streams by enabling value-add features. This facilitates downstream key provisioning and supports end-to-end security services based on a Software as a Service (SaaS) model. 

Securing Multiple Verticals

A major benefit of a programmable RISC-V security core is the flexibility to secure devices across many different applications and multiple verticals, including:

  • The Internet of Things (IoT): The U.S. Department of Homeland Security (DHS) recommends that IoT devices utilize chips with security embedded in the processor to provide encryption, anonymity, and other security functions. A RISC-V core enables companies to follow this DHS recommendation by supporting mutual authentication, routine attestation checks, secure over-the-air (OTA) device updates, disaster recovery and key management, as well as the decommissioning and reassigning of keys to better manage devices and mitigate various attacks, including distributed denial of service (DDoS).
  • Automotive: Potential automotive security vulnerabilities include unprotected vehicle-to-vehicle communication, unauthorized collection of driver or passenger information, seizing control of critical systems such as brakes or accelerators, intercepting vehicle data, tampering with third-party dongles, and altering over-the-air (OTA) firmware updates. A RISC-V secure core can provide protection against such vulnerabilities, and ensure organizations maintain the integrity of automotive OTA updates.
  • Connectivity: Cellular modems, network processors, and Wi-Fi chips all connect various systems and devices. Ensuring the security of these types of connectivity chips is mandatory for the protection of the systems and devices that use them to communicate. A RISC-V secure core can help protect data passing through the chips, prevent unauthorized access, and mitigate DDoS attacks.
  • Sensors: Various types of sensors are increasingly being used for security-sensitive applications, including biometric sensors such as fingerprint and iris scanners, security cameras, and environmental sensors. Sensor processors with a RISC-V security core are able to prevent the unauthorized access to sensitive user data.

Meltdown and Spectre clearly illustrated the critical need for a new security paradigm that executes sensitive cryptographic functions in a secure core that’s physically siloed from the primary CPU. Secure cores based on RISC-V provide primary processors with a full suite of security services and support for multiple verticals. The semiconductor industry needs a core that enables organizations to create end-to-end solutions spanning from silicon to services, and a RISC-V security core is the answer.

Ben Levine is Senior Director of Product Management for the Rambus Security Division.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish