Secure IoT Firmware For RISC-V Processors
March 26, 2021 Leave a comment
Credits: Embedded World Conference 2021 Proceedings, http://www.embedded-world.eu
Abstract — Building secure RISC-V devices is challenging as the RISC-V ISA doesn’t specify the hardware blocks necessary for the trusted execution of the many 3rd party components of the software stack. RISC-V developers are left alone figuring out how to shield trusted code from unverified 3rd party software libraries. In this paper, we introduce the industry-first secure IoT stack for RISC-V. We describe and explain all hardware and software components necessary to build state-of-the-art device, firmware, and cloud management service. These include RISC-V 32-bit SoC, MultiZone Trusted Execution Environment, TCP/IP connectivity, TLS/ECC cryptography, and MQTT client and broker providing telemetry and OTA applications deployment and firmware updates. All components are built on free and open standards, distributed under permissive licensing, and freely available for download from GitHub.
INTRODUCTION
Building secure IoT firmware for embedded devices is challenging. These resource-constrained devices typically lack the hardware resources necessary for the trusted execution of the many complex 3rd party software components required for secure operations. And state-of-the-art security features like secure boot, remote attestation, authenticated access to commercial cloud services, and over-the-air (OTA) firmware updates require a number of complex 3rd party software components [1,2]. Read more of this post