# TRUSTED EMBEDDED SYSTEMS BASED ON RISC-V PROCESSORS



Instituto de Microelectrónica de Sevilla

PIEDAD BROX JIMÉNEZ brox@imse-cnm.csic.es



#### **OUTLINE**

- 1. Motivation
- 2. Chains of Trust
- 3. Root of Trust (RoT) for Embedded Systems
- 4. Building blocks of a hardware RoT
- 5. Available solutions for Trusted Embedded Systems using RISC-V
- 6. Conclusions

# **1. MOTIVATION**


- Open hardware revolution
- Attractive solution:
  - ✓ Open-source, royalty-free Instruction Set Architecture (ISA)
  - ✓ Features to increase computer speed, yet reduce cost and power use
  - ✓ Optional extensions → customized designs
- Processor innovation:
  - ✓ Attractive solution for industry → start-ups
  - ✓ Companies that belong to the RISC-V Foundation
- Hardware manufacturer → solution for IoT embedded devices




- Security and Privacy for electronic devices
  - ✓ Digital societies
- The core of cybersecurity  $\rightarrow$  CIA triad:
  - ✓ Confidentiality: control access to information
  - ✓ Integrity: data should be trustworthy and accurate over its lifetime
  - ✓ Availability: reliable and constant access to data
- Privacy respectful solutions




- RISC-V vulnerability
  - ✓ Well-known architecture
  - ✓ SCARV: a side-channel hardened RISC-V platform (research project)
- Trusted embedded systems based on RISC-V processors
  - ✓ Hardware dedicated modules
- Multidisciplinary teams



# **2. CHAINS OF TRUST**


- Hybrid (hardware/software) nature of an embedded system
- A trusted chain is required:
  - ✓ Hardware → device identity
  - ✓ Software → bootloader and operating system
  - ✓ Applications
  - ✓ Network
- Authentication at every level





# **3. RoT ON EMBEDDED SYSTEMS**

- Root-of-Trust (**RoT**) → always trusted
- Alternatives:
  - ✓ Software
  - ✓ Hardware
  - ✓ Hybrid
- Device Authentication → Challenge-response protocol





- Building blocks [1]:
  - ✓ Device identity → Physical Unclonable Functions (**PUF**)
  - ✓ Entropy source
  - ✓ Crypto functions







- PUF definition: Challenge-Response Pair (CRP)
- PUF characteristics:
  - ✓ Unclonable
  - ✓ Uniqueness
  - ✓ Reproducibility
  - ✓ Unpredictable
- Silicon PUFs [2]:
  - ✓ SRAM
  - ✓ Ring Oscillators
- PUF assumptions:
  - ✓ A Response ( $R_i$ ) gives negligible info on another Response ( $R_j$ )
  - ✓ Infeasible to model the PUF (accurately)
  - ✓ Physical tampering will destroy the PUF or radically modify its behaviour





#### **4. BUILDING BLOCKS OF A HARDWARE RoT**








- Design of a silicon PUF
- PUF  $\rightarrow$  cryptographic keys:
  - ✓ Key Enrolment Phase
  - ✓ Key Regeneration Phase
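
The two phases listed above, as an added example that is not taken from the slides or from the cited references' code. The slides do not name a construction, so this assumes a code-offset helper-data scheme with a repetition code; the SRAM read-out is simulated and every name and parameter is hypothetical.

```python
import hashlib
import random
import secrets

REP = 15        # repetition factor (assumed): majority vote fixes up to 7 flips per key bit
KEY_BITS = 128  # length of the enrolled secret (assumed)

def encode(bits):
    """Repetition-code encoder: every secret bit is repeated REP times."""
    return [b for b in bits for _ in range(REP)]

def decode(bits):
    """Majority vote over each block of REP cells."""
    return [int(sum(bits[i:i + REP]) > REP // 2) for i in range(0, len(bits), REP)]

def derive_key(secret_bits):
    """Hash the corrected secret into a fixed-length key."""
    return hashlib.sha256(bytes(secret_bits)).digest()

def enrol(response):
    """Key enrolment: runs once, in a trusted environment.
    Returns public helper data (stored in NVM) and the key (never stored)."""
    secret = [secrets.randbits(1) for _ in range(KEY_BITS)]
    helper = [c ^ r for c, r in zip(encode(secret), response)]
    return helper, derive_key(secret)

def regenerate(response, helper):
    """Key regeneration: runs at every power-up from a fresh, noisy read-out."""
    noisy_codeword = [h ^ r for h, r in zip(helper, response)]
    return derive_key(decode(noisy_codeword))

def flip_cells(response, positions):
    """Constructed noise model: invert the SRAM cells at the given indices."""
    flipped = set(positions)
    return [b ^ (i in flipped) for i, b in enumerate(response)]

def simulated_sram(seed):
    """Constructed stand-in for the start-up values of one device's SRAM."""
    rng = random.Random(seed)
    return [rng.getrandbits(1) for _ in range(KEY_BITS * REP)]

if __name__ == "__main__":
    device_a, device_b = simulated_sram(1), simulated_sram(2)
    helper, key = enrol(device_a)
    worst_ok = flip_cells(device_a, [blk * REP + j for blk in range(KEY_BITS) for j in range(7)])
    print("7 flips per block :", regenerate(worst_ok, helper) == key)
    print("8 flips in a block:", regenerate(flip_cells(device_a, range(8)), helper) == key)
    print("other device      :", regenerate(device_b, helper) == key)
```

The helper data reveals nothing about the key only when the response bits are close to unbiased; with strongly biased SRAM cells a repetition-code offset leaks key information and the response needs debiasing first.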





- Generation of random numbers [2]:
  - ✓ Initialization vectors
  - ✓ Nonces
  - ✓ Challenges
  - ✓ Keys
- Source entropy:
  - ✓ Unpredictable PUF behaviour
- One example:
  - ✓ SRAM PUF: start-up values

[Figure: process variations and SRAM start-up values]





- Crypto functions: CAESAR (Competition for Authenticated Encryption: Security, Applicability, and Robustness) [3]
  - ✓ Symmetric Cryptography
  - ✓ Authenticated ciphers
  - ✓ SW and HW realizations
  - ✓ Portfolio of solutions

[Figure: screenshot of the CAESAR competition web page [3], timeline section]

- 1) Lightweight applications (resource constrained environments)
- 2) High-performance applications
- 3) Defense in depth



- Crypto functions: NIST Post-Quantum Competition [4]
  - ✓ Second round (26 candidates)
  - ✓ Two categories
    - 1) Public-key Encryption and Key-establishment Algorithms
    - 2) Digital Signature Algorithms





#### 5. AVAILABLE SOLUTIONS FOR TRUSTED EMBEDDED SYSTEMS USING RISC-V

- CryptoManager Root of Trust (provided by Rambus) [5]:
  - ✓ Family of fully-programmable hardware security co-processors
  - ✓ Security IP
  - ✓ Custom RISC-V CPU (specifically for security)
  - ✓ Standard applications
- Closed solution:
  - ✓ Not a privacy-respectful solution
  - ✓ Lack of flexibility to include new crypto functions






- An attested execution processor (Sanctum Processor) [6]:
  - ✓ Secure boot process and remote attestation
  - ✓ Chain of trust rooted at hardware → PUF
  - ✓ RISC-V Rocket chip architecture
- Keystone [7]:
  - ✓ Open framework for custom Trusted Execution Environments
  - ✓ Use of secure hardware enclaves
  - ✓ Authenticate software and chip itself
- Further improvements:
  - ✓ No integration of hardware crypto functions
  - ✓ Not conceived for small devices (embedded systems)



# **6. CONCLUSIONS**


- RISC-V core + Hardware RoT
- Building blocks of RoT (modular, flexible, extensible solution):
  - 1. Silicon PUF
    - ✓ Source of entropy
    - ✓ Re-generation of cryptographic keys & device authentication
  - 2. Software Authenticity
    - ✓ Secure bootloader using PUF response
    - ✓ Trusted Execution Environment (TEE) running on top of RISC-V
  - 3. Trusted Applications
    - ✓ Privacy Enabling Tools, Remote Attestation
- Open issues:
  - ✓ Integration of hardware crypto functions
  - ✓ Design of hw RoT for small devices (embedded systems)
  - ✓ Inclusion of trusted applications to provide end-to-end solutions

#### **REFERENCES**


[1] M. Alioto, "Trends in Hardware Security: From basics to ASICs," IEEE Solid-State Circuits Mag., 2019

[2] C. Herder, M.-D. Yu, F. Koushanfar, S. Devadas, "Physical Unclonable Functions and Applications: A Tutorial", Proc. of the IEEE, 102 (8), 2014

[3] https://competitions.cr.yp.to/caesar.html

[4] https://csrc.nist.gov/Projects/Post-Quantum-Cryptography

[5] https://www.rambus.com/security/root-of-trust/cryptomanager-root-of-trust/

[6] I. Lebedev, K. Hogan, S. Devadas, "Secure Boot and Remote Attestation in the Sanctum Processor", IEEE 31st Computer Security Foundations Symposium (CSF), 2018

[7] D. Lee, D. Kohlbrenner, S. Shinde, D. Song, K. Asanovic, "Keystone: An Open Framework for Architecting TEEs", arXiv: 1907.10119, 2019
