HECTOR-V: A Heterogeneous CPU Architecture for a Secure RISC-V Execution Environment

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

To ensure secure and trustworthy execution of applications in potentially insecure environments, vendors frequently embed trusted execution environments (TEE) into their systems.
Applications executed in this safe, isolated space are protected from adversaries, including a malicious operating system.
TEEs are usually build by integrating protection mechanisms directly into the processor or by using dedicated external secure elements.
However, both of these approaches only cover a narrow threat model resulting in limited security guarantees.
Enclaves nested into the application processor typically provide weak isolation between the secure and non-secure domain, especially when considering side-channel attacks.
Although external secure elements do provide strong isolation, the slow communication interface to the application processor is exposed to adversaries and restricts the use cases.
Independently of the used approach, TEEs often lack the possibility to establish secure communication to peripherals, and most operating systems executed inside TEEs do not provide state-of-the-art defense strategies, making them vulnerable to various attacks.

We argue that TEEs, such as Intel SGX or ARM TrustZone, implemented on the main application processor, are insecure, especially when considering side-channel attacks.
In this paper, we demonstrate how a heterogeneous multicore architecture can be utilized to realize a secure TEE design.
We directly embed a secure processor into our HECTOR-V architecture to provide strong isolation between the secure and non-secure domain.
The tight coupling of the TEE and the application processor enables HECTOR-V to provide mechanisms for establishing secure communication channels between different devices.
We further introduce RISC-V Secure Co-Processor (RVSCP), a security-hardened processor tailored for TEEs.
To secure applications executed inside the TEE, RVSCP provides hardware enforced control-flow integrity and rigorously restricts I/O accesses to certain execution states.
RVSCP reduces the trusted computing base to a minimum by providing operating system services directly in hardware.
Original languageEnglish
Title of host publication2021 ACM Asia Conference on Computer and Communications Security
Publication statusAccepted/In press - 1 Mar 2021
Event2021 ACM Asia Conference on Computer and Communications Security - Virtuell, China
Duration: 7 Jun 202111 Jun 2021
https://asiaccs2021.comp.polyu.edu.hk/

Conference

Conference2021 ACM Asia Conference on Computer and Communications Security
Abbreviated titleACM ASIACCS 2021
CountryChina
CityVirtuell
Period7/06/2111/06/21
Internet address

Fingerprint Dive into the research topics of 'HECTOR-V: A Heterogeneous CPU Architecture for a Secure RISC-V Execution Environment'. Together they form a unique fingerprint.

Cite this