Protecting RISC-V Processors against Physical Attacks

Mario Werner, Robert Schilling
RISC-V Workshop Zurich, 2019

Slides Video Info

Abstract

RISC-V is well-suited for a wide variety of applications, which ranges from simple microcontrollers to high-performance CPUs. As an increasing number of commercial vendors now adopt the architecture in their products, its security aspects are becoming a significant concern. For embedded applications, one of the main security risks are attackers with direct physical access to the microchip. These physical attackers can perform highly powerful attacks that span from memory probing to power analysis up to fault injection and analysis.

In this talk, we give an overview of the capabilities of attackers with direct physical device access, common threat models and attack vectors, and possible countermeasures. We present our current approaches to secure RISC-V processors against fault injection attacks on the microchip itself. First, we show how to protect the control-flow against fault attacks by using an encrypted instruction stream and decrypting it on-the-fly in a newly added pipeline stage between the processor's fetch and decode unit. Second, we show how to protect conditional branches against fault injection by adding redundancy to the comparison operation and entangling the comparison result with the encrypted instruction stream. Finally, we show an approach to protect all pointers and memory accesses from tampering.