The SiFive Open Secure Platform Architecture...2019/12/12  · The SiFive Open Secure Platform...

COPYRIGHT 2019 SIFIVE. ALL RIGHTS RESERVED.

Page 1

The SiFive Open Secure Platform Architecture

Dany Nativel, SiFive Security Director

DEC. 10, 2019

Page 2

SoC Security Best Practices

Page 3

Securing The RISC-V Revolution

Multi-Core Privilege Modes

Per Memory PMP Regions

Per Peripheral Access Control

Per Core or Per PID Protection

H/W Bus Master Coverage

Unified Open Hardware and Software Security

Page 4

The SiFive Open Secure Platform Architecture

SoC Level

Scalable

Open

Page 5

Implementing An Open, Scalable and Secure Platform

RoT

Threat Prevention

Validated Crypto Engines

Operating System

Communications

Secure Lifecycle

Page 6

SiFive Shield Root of Trust

Per Device Unique ID

Secure On Device Key Storage

Easy to Audit

Version Management

Extensible

Flexible Key Management

Certificates Installed At Time Of Manufacture

Controls for Enabling & Disabling Debug & Trace Features

Third Party Verified

Page 7

SiFive Shield Secure Boot Flow

An Open and Auditable boot flow

Page 8

SiFive Shield Open Source Secure Boot ROM

https://github.com/sifive/secure-bootloader-sifive

• SHA-384 secure hash

• secp384r1 ECDSA digital signature

• Boot sources (UART, USB, QSPI, eMMC)

• Key management

• Secure update mechanisms

• Second Level Boot support

• Support for custom applets

• Patch support of ROM functions

• Debug & trace authentication

Firmware Security

Secure Boot ROM features

Page 9

SiFive Secure Debug and Trace IP

Enabling Secure Nexus™ Trace, Advanced Debug, and Arm® Coresight™ compatibility

Page 10

SiFive Shield Threat Prevention

Secure SoC Design Enabled By Threat Modelling

[Block diagram: RISC-V SoC. Labels: Core 0, Core n, Cache, Cache, Last Level Cache, DMA, Other Bus Masters, Crossbar, Memories, Peripherals]

Page 11

SiFive Shield Threat Prevention

Secure SoC Design Enabled By Threat Modelling

[Block diagram: RISC-V SoC. Labels: Core 0, Core n, Cache, Cache, Last Level Cache, DMA, Other Bus Masters, Crossbar, Memories, Peripherals]

Fault Detectors

RISC-V PMP/PMA

Cache Attack Protections

Page 12

SiFive Shield Threat Prevention

Secure SoC Design Enabled By Threat Modelling

[Block diagram: RISC-V SoC. Labels: Core 0, Core n, Cache, Cache, Last Level Cache, DMA, Other Bus Masters, Crossbar, Memories, Peripherals]

Fault Detectors

RISC-V PMP/PMA

Cache Attack Protections

SiFive WorldGuard

Page 13

Multi-Domain Security Model with Fine Grain Control

A Fine-Grain Security Model for Isolated Code & Data Protection

SoC Level Information Control with Hardware Isolation

Data Protection For Cores, Caches, Interconnects, Peripherals and Memories

Page 14

SiFive WorldGuard

[Block diagram: SiFive WorldGuard. Labels: Core 0 (trusted), Core n, Core 0 WID, Core n WID, WID marker, L1 Cache, Tag, Data, WID, WID checker, Last Level Cache, DMA, Channel 0, Channel n, Ch 0 WID, Ch n WID, Ch #, Other bus masters, Crossbar, WG PMP, Region x, Authorized WIDs, Authorized Modes, Memories, WG Filter, Peripheral x, Authorized WIDs, Peripherals]

Page 15

SiFive Shield Verified Crypto Engines

FIPS SP 800-90A/B/C

SHA-2

SHA-3

Block Cipher

Authenticated Encryption

RSA

ECDSA

Open Source Cryptographic Library https://github.com/sifive/soscl

Page 16

SiFive Shield – Software & Communications

A Single S/W Platform Based on Open Source Software

FreeRTOS

SiFive Freedom Metal

Linux

SiFive WorldGuard Monitor

Customer Hardware

OpenSSL wrapper

s2n TLS Wrapper

Cloud Service Provider Connector

OpenSSL

s2n TLS

SiFive Open Source

External Open Source

SiFive Cryptographic Library

Page 17

SiFive Shield Secure Lifecycle

Certificate & Key Provisioning Services

Secure Key Generation

Crypto & TRNG Evaluations

SiFive WorldGuard Audit

Secure Debug

Page 18

Feature                                                         ‘Competitive’ Solutions
Support for Multiple Worlds    Unlimited                        Partial
Multi-Core Support             Yes                              Partial
Software complexity            Low                              Very High
Recompilation Requirement      None                             Full
Full ISR in user mode          Yes (RISC-V)                     No
Isolation per PID              Yes                              No
DMA Protection                 Yes                              Yes
Memory & Peripheral Filter     Yes                              Yes
In-house Crypto Engines        Yes                              Yes
Key provisioning               SiFive Service (or 3rd Party)    3rd Party
Open Source Secure Boot        Yes                              Yes

Competitive overview

Page 19

A Scalable, Complete, Platform Security Solution

Formally Verified Secure Debug

FOSS Secure Boot/uBoot

Key Storage

FOSS Secure Update

Root of Trust

Unique S/N

RISC-V ISA

Verified Crypto

OpenSSL

Key Provisioning

Secure Lifecycle

SiFive Core IP

SiFive WorldGuard

Threat Prevention

RISC-V PMP/PMA

Cache Attack Protection

Fault Detectors

FOSS Crypto Library

TRNG

AES

SHA

RSA/ECDSA

Communications

Software

FreeRTOS

Freedom Metal BSP

Linux

Freedom SDK

OpenSSL Wrapper

s2n TLS Wrapper

Secure Supply Chain

Security Evaluations

Formal Verifications

FOSS WorldGuard Monitor

Cloud Service Provider Connector

s2n TLS

Community Security Evaluation SiFive Community or 3rd party

External Lab Security Evaluation RISC-V Foundation

Page 20

Crypto Engines

TRNG

Crypto Library

Secure Boot

Secure Debug

Firmware Signing Tools

Certificate Provisioning

SiFive WorldGuard

SiFive WorldGuard Monitor

Secure Boot eMMC

Fault Detectors

Key Provisioning

TLS stacks

Cloud Connectors

25Gb/s AES

Secure Enclave

DDR Encryption & Integrity

Control Flow Integrity

Post Quantum Cryptography

1, 2 - See Endnote For Details

Page 21

©2019 SiFive, Inc. All rights reserved. All trademarks referenced herein belong to their respective companies. This presentation is intended for informational purposes only and does not form any type of warranty.

Certain information in this presentation may outline SiFive’s general product direction. The presentation shall not serve to amend or affect the rights or obligations of SiFive or its licensees under any license or service agreement or documentation relating to any SiFive product. The development, release, and timing of any products, features, and functionality remains at SiFive’s sole discretion.

Arm and CoreSight are registered trademarks or trademarks of Arm Limited (or its subsidiaries) in the US and/or elsewhere.

IEEE-ISTO 5001 and Nexus 5001 Forum are trademarks of the IEEE-ISTO.

facebook.com/SiFive @SiFive linkedin.com/company/sifive sifive.com

Thank You