COPYRIGHT 2019 SIFIVE. ALL RIGHTS RESERVED.
The SiFive Open Secure Platform Architecture
Dany Nativel, SiFive Security Director
DEC. 10, 2019
SoC Security Best Practices
Securing The RISC-V Revolution
Multi-Core Privilege Modes
Per Memory PMP Regions
Per Peripheral Access Control
Per Core or Per PID Protection
H/W Bus Master Coverage
Unified Open Hardware and Software Security
The SiFive Open Secure Platform Architecture
SoC Level
Scalable
Open
Implementing An Open, Scalable and Secure Platform
RoT
Threat Prevention
Validated Crypto Engines
Operating System
Communications
Secure Lifecycle
SiFive Shield Root of Trust
Per Device Unique ID
Secure On Device Key Storage
Easy to Audit
Version Management
Extensible
Flexible Key Management
Certificates Installed At Time Of Manufacture
Controls for Enabling & Disabling Debug & Trace Features
Third Party Verified
SiFive Shield Secure Boot Flow
An Open and Auditable boot flow
SiFive Shield Open Source Secure Boot ROM
https://github.com/sifive/secure-bootloader-sifive
• SHA-384 secure hash
• secp384r1 ECDSA digital signature
• Boot sources (UART, USB, QSPI, eMMC)
• Key management
• Secure update mechanisms
• Second Level Boot support
• Support for custom applets
• Patch support of ROM functions
• Debug & trace authentication
Firmware Security
Secure Boot ROM features
SiFive Secure Debug and Trace IP
Enabling Secure Nexus™ Trace, Advanced Debug, and Arm® CoreSight™ compatibility
SiFive Shield Threat Prevention
Secure SoC Design Enabled By Threat Modelling
[Block diagram: RISC-V SoC. Labels: Core 0, Core n, Cache, Cache, Last Level Cache, DMA, Other Bus Masters, Crossbar, Memories, Peripherals]
Fault Detectors
RISC-V PMP/PMA
Cache Attack Protections
SiFive WorldGuard
Multi-Domain Security Model with Fine Grain Control
A Fine-Grain Security Model for Isolated Code & Data Protection
SoC Level Information Control with Hardware Isolation
Data Protection For Cores, Caches, Interconnects, Peripherals and Memories
SiFive WorldGuard
[Block diagram. Labels: Core 0 (trusted), Core n, Core 0 WID, Core n WID, WID marker, L1 Cache, Tag, Data, WID, WID checker, Last Level Cache, Crossbar, DMA, Channel 0, Channel n, Ch #, Ch 0 WID, Ch n WID, Other bus masters, Memories, Peripherals, WG PMP, Region x, Authorized WIDs, Authorized Modes, WG Filter, Peripheral x, Authorized WIDs]
SiFive Shield Verified Crypto Engines
FIPS SP 800-90A/B/C
SHA-2
SHA-3
Block Cipher
Authenticated Encryption
RSA
ECDSA
Open Source Cryptographic Library https://github.com/sifive/soscl
SiFive Shield – Software & Communications
A Single S/W Platform Based on Open Source Software
FreeRTOS
SiFive Freedom Metal
Linux
SiFive WorldGuard Monitor
Customer Hardware
OpenSSL wrapper
s2n TLS Wrapper
Cloud Service Provider Connector
OpenSSL
s2n TLS
SiFive Open Source
External Open Source
SiFive Cryptographic Library
SiFive Shield Secure Lifecycle
Certificate & Key Provisioning Services
Secure Key Generation
Crypto & TRNG Evaluations
SiFive WorldGuard Audit
Secure Debug
Competitive overview
Feature | SiFive | ‘Competitive’ Solutions
Support for Multiple Worlds | Unlimited | Partial
Multi-Core Support | Yes | Partial
Software complexity | Low | Very High
Recompilation Requirement | None | Full
Full ISR in user mode | Yes (RISC-V) | No
Isolation per PID | Yes | No
DMA Protection | Yes | Yes
Memory & Peripheral Filter | Yes | Yes
In-house Crypto Engines | Yes | Yes
Key provisioning | SiFive Service (or 3rd Party) | 3rd Party
Open Source Secure Boot | Yes | Yes
A Scalable, Complete, Platform Security Solution
Formally Verified Secure Debug
FOSS Secure Boot/uBoot
Key Storage
FOSS Secure Update
Root of Trust
Unique S/N
RISC-V ISA
Verified Crypto
OpenSSL
Key Provisioning
Secure Lifecycle
SiFive Core IP
SiFive WorldGuard
Threat Prevention
RISC-V PMP/PMA
Cache Attack Protection
Fault Detectors
FOSS Crypto Library
TRNG
AES
SHA
RSA/ECDSA
Communications
Software
FreeRTOS
Freedom Metal BSP
Linux
Freedom SDK
OpenSSL Wrapper
s2n TLS Wrapper
Secure Supply Chain
Security Evaluations
Formal Verifications
FOSS WorldGuard Monitor
Cloud Service Provider Connector
s2n TLS
Community Security Evaluation SiFive Community or 3rd party
External Lab Security Evaluation RISC-V Foundation
Crypto Engines
TRNG
Crypto Library
Secure Boot
Secure Debug
Firmware Signing Tools
Certificate Provisioning
SiFive WorldGuard
SiFive WorldGuard Monitor
Secure Boot eMMC
Fault Detectors
Key Provisioning
TLS stacks
Cloud Connectors
25Gb/s AES
Secure Enclave
DDR Encryption & Integrity
Control Flow Integrity
Post Quantum Cryptography
1, 2- See Endnote For Details
©2019 SiFive, Inc. All rights reserved. All trademarks referenced herein belong to their respective companies. This presentation is intended for informational purposes only and does not form any type of warranty.
Certain information in this presentation may outline SiFive’s general product direction. The presentation shall not serve to amend or affect the rights or obligations of SiFive or its licensees under any license or service agreement or documentation relating to any SiFive product. The development, release, and timing of any products, features, and functionality remains at SiFive’s sole discretion.
Arm and CoreSight are registered trademarks or trademarks of Arm Limited (or its subsidiaries) in the US and/or elsewhere.
IEEE-ISTO 5001 and Nexus 5001 Forum are trademarks of the IEEE-ISTO.
Thank You