Towards Designing a Secure RISC-V System-on-Chip: ITUS

Journal of Hardware and Systems Security

Abstract

A rising tide of exploits in recent years, following the steady discovery of vulnerabilities pervasive in modern computing systems, has led to a growing number of studies on designing systems-on-chip (SoCs) with security as a first-class consideration. Following the momentum behind RISC-V-based systems in the public domain, much of this effort targets RISC-V-based SoCs; most of the ideas, however, are independent of that choice. In this manuscript, we consolidate our early efforts along these lines in designing a secure SoC around RISC-V, named ITUS. In particular, we discuss a set of primitive building blocks of a secure SoC and present some of the security subsystems implemented with them: secure boot, memory protection, PUF-based key management, a countermeasure methodology for RISC-V micro-architectural side-channel leakage, and an integration of the open Keystone enclaves as a TEE. The current ITUS SoC prototype, integrating the discussed security subsystems, was built on top of the lowRISC project; the subsystems are, however, portable to any other SoC code base. The prototype has been evaluated on an FPGA.


Notes

  1. https://cwe.mitre.org/documents/glossary/index.html

  2. e.g., BCH(398, 128, 32), capable of correcting up to 32 bit errors using 270 (= 398 − 128) bits of helper data

  3. https://opentitan.org/

  4. 6.25% overhead: a 2-bit tag over every 32-bit word
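Note 2 gives the shape of the PUF key-reconstruction scheme: a 398-bit response, 128 bits of key material and 270 = 398 − 128 bits of helper data. That helper-data size is what a syndrome-based construction produces (the helper data is the code's syndrome of the enrolled response, and re-evaluation noise is corrected from the difference of syndromes), though that reading is an inference from the numbers, not something the page states. The Python below is an added example, not ITUS code: it implements that syndrome-style fuzzy extractor with a toy [7,4] Hamming code in place of BCH(398, 128, 32) (3 helper bits per 7 response bits, one correctable flip per block), a constructed PUF response drawn from a seeded RNG, and SHA-256 as an assumed key-derivation function. It also shows the failure mode a practitioner cares about: noise beyond the code's correction capability silently reconstructs the wrong key.

```python
"""Syndrome-based fuzzy extractor over a noisy PUF response (added example).

Toy stand-in for the BCH(398, 128, 32) scheme cited in the note: the [7,4]
Hamming code is applied blockwise, so each 7-bit block of response yields
3 bits of helper data and tolerates one flipped bit on re-evaluation.
The key is derived from the reconstructed response, never from the helper
data, which is public and leaks only the n-k syndrome bits.
"""
import hashlib
import random

# Parity-check matrix H (3 x 7) of the [7,4] Hamming code. Column j is the
# binary representation of j+1, so the syndrome of a single flipped bit
# directly names its (1-based) position within the block.
H = [[(j + 1) >> r & 1 for j in range(7)] for r in range(3)]


def syndrome(block):
    """3-bit syndrome s = H * block (mod 2), returned as an integer 0..7."""
    s = 0
    for r in range(3):
        bit = sum(H[r][j] & block[j] for j in range(7)) & 1
        s |= bit << r
    return s


def derive_key(response):
    """Key = SHA-256 over the packed response bits.
    Assumption for the example: the paper's KDF is not given on the page."""
    nbytes = (len(response) + 7) // 8
    packed = int("".join(map(str, response)), 2).to_bytes(nbytes, "big")
    return hashlib.sha256(packed).digest()


def enroll(response):
    """Enrollment: helper data is the per-block syndrome of the enrolled
    response (3 bits per 7 response bits, analogous to 270 helper bits for
    398 response bits in the note). Returns (helper, key)."""
    assert len(response) % 7 == 0, "response must be a whole number of blocks"
    helper = [syndrome(response[i:i + 7]) for i in range(0, len(response), 7)]
    return helper, derive_key(response)


def reconstruct(noisy, helper):
    """Reconstruction: because H is linear, syndrome(noisy) XOR helper equals
    syndrome(noisy XOR enrolled) = syndrome(error pattern). For one flip per
    block that value is the flipped position; two or more flips decode to a
    wrong position and the block is miscorrected (the code's limit, like the
    32-error bound of the BCH code in the note)."""
    fixed = list(noisy)
    for b, h in enumerate(helper):
        e = syndrome(fixed[7 * b:7 * b + 7]) ^ h
        if e:
            fixed[7 * b + e - 1] ^= 1
    return fixed


def demo(n_blocks=4, flips_per_block=1, seed=1):
    """Enroll a constructed PUF response, re-evaluate it with `flips_per_block`
    bit flips in every block, and report whether the same key comes back."""
    rng = random.Random(seed)
    enrolled = [rng.randint(0, 1) for _ in range(7 * n_blocks)]  # constructed response
    helper, key = enroll(enrolled)

    noisy = list(enrolled)
    for b in range(n_blocks):
        for pos in rng.sample(range(7), flips_per_block):
            noisy[7 * b + pos] ^= 1

    return derive_key(reconstruct(noisy, helper)) == key


if __name__ == "__main__":
    print("1 flip/block, key recovered:", demo(flips_per_block=1))
    print("2 flips/block, key recovered:", demo(flips_per_block=2))
```

The second call in the demo is the point of the example: with two flips in a block the Hamming syndrome still looks valid and names an unrelated bit, so reconstruction succeeds silently with a different response and therefore a different key. A real deployment pairs the code's error budget with measured PUF bit-error rates and, as the note's 32-error margin suggests, leaves headroom for temperature and ageing drift; it should also check the reconstructed key against a stored hash before using it.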


Funding

The authors acknowledge the support of the Singapore National Research Foundation ("SOCure" grant NRF2018NCR-NCR002-0001, https://www.green-ic.org/socure).

Corresponding author

Correspondence to Vinay B. Y. Kumar.


Cite this article

Kumar, V.B.Y., Deb, S., Gupta, N. et al. Towards Designing a Secure RISC-V System-on-Chip: ITUS. J Hardw Syst Secur 4, 329–342 (2020). https://doi.org/10.1007/s41635-020-00108-8
