Industry Expert Blogs
On the Path to a Secure Boot Solution for RISC-VIoT Security Blog - SecureRFApr. 30, 2018 |
As the RISC-V ISA gains in popularity and more industries proceed with plans to build and deploy systems based on RISC-V technologies, the security requirements of those systems will grow. One avenue that hackers have used to exploit systems has been to modify the firmware and cause it to misbehave. For example, one of the recent vehicle hacks involved corrupting firmware in order to jump from an infotainment center to the CAN-BUS. The solution to this style of attack is a secure boot, and with minimal additions to the ISA, RISC-V can provide secure boot hooks directly.
Secure boot is a self-hosted root of trust that uses a digital signature and a known, trusted, public key to protect the firmware before it loads. The RISC-V system validates the signature over the firmware using the trusted public key and will run the code only if the signature verifies correctly. If the firmware has been modified in any way, the signature validation will fail. Once this initial trusted load completes, subsequent loads can use the same process to chain the trust to additional loads.
Related Blogs
- Mitigating Side-Channel Attacks In Post Quantum Cryptography (PQC) With Secure-IC Solutions
- QuiddiKey: A Single Cryptographic Solution for the Lifecycle of a Connected Device
- Digitizing Data Using Optical Character Recognition (OCR)
- Arm and Arteris Drive Innovation in Automotive SoCs
- Intel Embraces the RISC-V Ecosystem: Implications as the Other Shoe Drops