Brussels / 2 & 3 February 2019

schedule

Updates from the RISC-V TEE Group

Working on a Trusted Execution Environment spec for RISC-V


In this talk, I'll try to provide an overview of the RISC-V Trusted Execution Environment working group, and what we are working on.

A Trusted Execution Environment guarantees the integrity and confidentiality of code and data, ARM has TrustZone, Intel has SGX, and we are working on a similar spec for RISC-V. Our main tool is Physical Memory Protection (PMP) functionality of RISC-V (part of the Privilege spec) for isolating memory regions of the execution environment's hart (hardware thread) from the rest of the harts on the system. We are also working on a proposal for an I/O PMP hw block for providing similar memory isolation between the different devices on the system (bus masters). The goal is to provide a flexible and scalable solution, that can work from 32bit embedded devices without MMU, to large 64bit systems with virtual machines etc, and keep it as simple and RISCy as possible.

Speakers

Photo of Nick Kossifidis Nick Kossifidis

Attachments

Links