English

Trusted Hart for Mobile RISC-V Security

Cryptography and Security 2023-04-28 v2 Hardware Architecture

Abstract

The majority of mobile devices today are based on Arm architecture that supports the hosting of trusted applications in Trusted Execution Environment (TEE). RISC-V is a relatively new open-source instruction set architecture that was engineered to fit many uses. In one potential RISC-V usage scenario, mobile devices could be based on RISC-V hardware. We consider the implications of porting the mobile security stack on top of a RISC-V system on a chip, identify the gaps in the open-source Keystone framework for building custom TEEs, and propose a security architecture that, among other things, supports the GlobalPlatform TEE API specification for trusted applications. In addition to Keystone enclaves the architecture includes a Trusted Hart -- a normal core that runs a trusted operating system and is dedicated for security functions, like control of the device's keystore and the management of secure peripherals. The proposed security architecture for RISC-V platform is verified experimentally using the HiFive Unleashed RISC-V development board.

Keywords

Cite

@article{arxiv.2211.10299,
  title  = {Trusted Hart for Mobile RISC-V Security},
  author = {Vladimir Ushakov and Sampo Sovio and Qingchao Qi and Vijayanand Nayani and Valentin Manea and Philip Ginzboorg and Jan Erik Ekberg},
  journal= {arXiv preprint arXiv:2211.10299},
  year   = {2023}
}

Comments

This is an extended version of a paper that has been published in Proceedings of TrustCom 2022

R2 v1 2026-06-28T06:13:25.312Z