Systematically Securing the RISC-V - Secure Foundation for Embedded Functionality - Marko Mitic

Marko Mitic, NVIDIA

Drawing inspiration from the academic and industry work on Multiple Independent Levels of Security and Safety (MILS), this talk presents the NVRISCV/Peregrine security architecture, which offers multiple isolated execution environments (partitions), all running on the same physical processor, with capabilities defined in software and enforced in hardware. NVRISCV is NVIDIA's implementation of the RISC-V ISA; the Peregrine subsystem comprises NVRISCV together with multiple peripherals. The authors show how fine-grained access controls, formally verified for correctness, let each partition follow the principle of least privilege. NVRISCV provides secure boot that starts from immutable hardware; the chain of trust extends to the Secure Monitor in software, where partition policies are set up and isolation is enforced using hardware controls. The boot and Secure Monitor software is implemented in SPARK, a formally verifiable programming language with an accompanying verification toolset.
Holi
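The abstract does not say which hardware mechanism NVRISCV uses for its partition access controls. As an added illustration of the "software-defined, hardware-enforced" least-privilege policy it describes, the following C program models the standard RISC-V Physical Memory Protection (PMP) unit from the privileged ISA specification: it encodes NAPOT regions into pmpaddr/pmpcfg values, applies the priority and partial-match rules of the hardware check, and shows the table a secure monitor would program before handing control to a partition (code executable but not writable, data and one device window writable but not executable, everything else unreachable). This is example code written for this page, not NVIDIA's NVRISCV or Peregrine code; the partition addresses and sizes are constructed, and `partition_policy`, `pmp_check` and the other function names are the example's own.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* pmpcfg bit layout from the RISC-V privileged spec */
#define PMP_R       0x01u
#define PMP_W       0x02u
#define PMP_X       0x04u
#define PMP_A_MASK  0x18u   /* address-matching mode field (A) */
#define PMP_A_NAPOT 0x18u   /* naturally aligned power-of-two region */
#define PMP_L       0x80u   /* lock: entry also binds M-mode, immutable until reset */

typedef struct {
    uint64_t pmpaddr;   /* value written to pmpaddrN */
    uint8_t  pmpcfg;    /* this entry's byte within pmpcfgN */
} pmp_entry_t;

/* Encode [base, base+size) as a NAPOT entry. base must be aligned to size and
   size a power of two >= 8. Refuses malformed requests instead of silently
   producing an entry that covers the wrong range. */
bool pmp_encode_napot(uint64_t base, uint64_t size, uint8_t perms, pmp_entry_t *e)
{
    if (size < 8 || (size & (size - 1)) != 0 || (base & (size - 1)) != 0)
        return false;
    e->pmpaddr = (base >> 2) | ((size >> 3) - 1);
    e->pmpcfg  = (uint8_t)(PMP_A_NAPOT | (perms & (PMP_R | PMP_W | PMP_X)));
    return true;
}

/* Recover the region from a NAPOT entry: the count of trailing 1 bits in
   pmpaddr gives the size, the bits above them give the base. */
void pmp_decode_napot(const pmp_entry_t *e, uint64_t *base, uint64_t *size)
{
    unsigned ones = 0;
    while (ones < 61 && ((e->pmpaddr >> ones) & 1u))
        ones++;
    *size = (uint64_t)1 << (ones + 3);
    *base = (e->pmpaddr & ~(((uint64_t)1 << (ones + 1)) - 1)) << 2;
}

/* Model of the hardware check for an S/U-mode access of len bytes at addr
   that needs permissions `want`. The lowest-numbered entry matching any byte
   of the access decides; a partial match denies; no match denies (the
   spec's rule for S/U mode once any PMP entry is implemented). */
bool pmp_check(const pmp_entry_t *tbl, int n, uint64_t addr, uint64_t len, uint8_t want)
{
    uint64_t last = addr + len - 1;
    for (int i = 0; i < n; i++) {
        if ((tbl[i].pmpcfg & PMP_A_MASK) != PMP_A_NAPOT)
            continue;                          /* only NAPOT entries are modelled */
        uint64_t base, size;
        pmp_decode_napot(&tbl[i], &base, &size);
        uint64_t end = base + size - 1;
        bool overlaps = addr <= end && last >= base;
        if (!overlaps)
            continue;
        bool contained = addr >= base && last <= end;
        if (!contained)
            return false;                      /* access straddles the region edge */
        return (tbl[i].pmpcfg & want) == want;
    }
    return false;                              /* nothing matched: no rights at all */
}

/* Constructed partition layout (hypothetical addresses, not NVRISCV's memory map). */
#define PART_CODE_BASE 0x80000000ull
#define PART_CODE_SIZE 0x10000ull
#define PART_DATA_BASE 0x80100000ull
#define PART_DATA_SIZE 0x10000ull
#define PART_MMIO_BASE 0x10000000ull
#define PART_MMIO_SIZE 0x1000ull

/* What a secure monitor would program before switching to the partition:
   code is R+X, data and one device window are R+W, everything else is
   unmapped, so the partition holds exactly the rights its job needs. */
int partition_policy(pmp_entry_t *tbl)
{
    int n = 0;
    if (!pmp_encode_napot(PART_CODE_BASE, PART_CODE_SIZE, PMP_R | PMP_X, &tbl[n++])) return -1;
    if (!pmp_encode_napot(PART_DATA_BASE, PART_DATA_SIZE, PMP_R | PMP_W, &tbl[n++])) return -1;
    if (!pmp_encode_napot(PART_MMIO_BASE, PART_MMIO_SIZE, PMP_R | PMP_W, &tbl[n++])) return -1;
    return n;
}

int main(void)
{
    pmp_entry_t tbl[3];
    int n = partition_policy(tbl);
    printf("fetch from own code:  %s\n", pmp_check(tbl, n, PART_CODE_BASE + 0x100, 4, PMP_X) ? "allowed" : "denied");
    printf("write to own code:    %s\n", pmp_check(tbl, n, PART_CODE_BASE + 0x100, 4, PMP_W) ? "allowed" : "denied");
    printf("rw own data:          %s\n", pmp_check(tbl, n, PART_DATA_BASE + 0x40, 8, PMP_R | PMP_W) ? "allowed" : "denied");
    printf("read other partition: %s\n", pmp_check(tbl, n, 0x80200000ull, 4, PMP_R) ? "allowed" : "denied");
    printf("straddle data end:    %s\n", pmp_check(tbl, n, PART_DATA_BASE + PART_DATA_SIZE - 2, 4, PMP_R) ? "allowed" : "denied");
    return 0;
}
```

Two details matter for the least-privilege argument: an access that only partly overlaps a region is denied rather than partially served, and an access outside every entry is denied, so a partition's reachable world is exactly the union of the entries the monitor wrote for it. Real monitors would also set `PMP_L` on entries protecting their own code so that even M-mode cannot later loosen them.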