SiFive and ProvenRun Collaborate to deliver Best-in-Class Security for RISC-V Microprocessors
Paris, France, September 27, 2022 – ProvenRun, a global leader in embedded security, today announced the availability of its flagship secure OS / TEE product, ProvenCore, integrated with SiFive® WorldGuard technology, providing a powerful SoC-level mechanism for software isolation.
Modern microprocessor SoCs are designed to reduce cost by housing all functionality in a single device. This race for more features, which inevitably increases the size of the code and introduces pieces of code from multiple origins, can lead to security risks when one vulnerable piece of code can affect another, intentionally or not. Add to this the significant increase in the device’s interactions with the environment, which greatly increases the attack surface, and it makes sense to develop solutions that can guarantee that the failure of one part of the software does not affect the correct and complete functioning of other software running on the same platform.
SiFive is the leading provider of market-ready processor core IP based on the free and open RISC-V instruction set architecture. As part of its open platform secure architecture, SiFive Shield, SiFive offers the SiFive WorldGuard solution to enable a Trusted Execution Environment on its RISC-V platforms. SiFive WorldGuard is a hardware-enhanced software isolation solution that provides protection against illegal access to memory or devices by software applications and other initiators (such as DMAs). WorldGuard enables designers to create domains, also known as “worlds,” for isolated code execution and data protection. The isolation is based on multiple levels of privilege for each world, to offer SoC-level information control.
The WorldGuard solution provides a system-level approach to securing access to system resources (memory, peripherals) by software applications. This approach is ideal for creating a trusted environment, enabling a Trusted Computing Base (TCB) where the highest level of trust is limited to the secure ROM boot, the Machine-mode firmware, the secure applications, and the Operating Systems (OSs) that implement them. This base of trust is also referred to as the “Trusted Agent.”
ProvenCore is a secure OS developed by ProvenRun using deductive formal methods to guarantee security properties such as integrity, confidentiality, correctness, and isolation, in order to get as close as possible to zero defects, leaving almost no attack surface for hackers. ProvenCore is resilient against the most sophisticated attacks and has received a Common Criteria EAL7 certification. It is a key component for being able to develop security services with a high security assurance level in a cost-effective way. These security services include key services for establishing a Root of Trust (key management service (secure storage), cryptographic operation services, TRNG) but can also address advanced use cases such as Secure Firmware Update, Runtime Integrity Monitoring, Trusted UI, and more.
Using ProvenCore as a “trusted agent” in a WorldGuard configuration achieves best-in-class security for RISC-V architectures, giving a scalable and flexible solution with a well-identified and auditable TCB that will meet all security requirements, up to the highest. ProvenCore can be deployed with SiFive WorldGuard either by dedicating a core to security, or by isolating two software domains on the same core. The latter is referred to as a Trusted Execution Environment, where ProvenCore coexists with a Rich environment on the same core. A secure monitor ensures the coordination between the two environments while maintaining the isolation.
“Combining ProvenRun ProvenCore software and SiFive WorldGuard hardware is the best way to address system-level hardware and software isolation with a certifiable solution,” said Chris Jones, VP Products at SiFive.
ProvenRun also offers a variety of services to help device makers secure products for their entire life cycle:
• Consulting services such as risk analysis, security architecture definition, certification support, and secure provisioning
• Engineering services such as secure boot implementation and security applications development (cryptographic operation, key management, secure firmware update…)
ABOUT PROVENRUN
ProvenRun’s mission is to provide customers with the Trusted Products and Services that will help them Embed Security within their infrastructure of connected devices wherever this is required, at the chip, device, edge or cloud levels. With our security consulting services and secure-by-design off-the-shelf product solutions, we resolve the security challenges arising from the IoT revolution while dramatically improving the protection against remote cyberattacks. For more information, visit www.provenrun.com