13-d3s2-6-RISCV_Debug_Security_China_Summit_Final.pdf

1、Joe Xie,Aote Jin nVidiaRISCV DEBUG SECURITY2 The issueThe(draft)proposalAgendaThe issue4 Multi-Domain Security ModelM-mode MonitorRTOSAppRich OSManagementFirmwareAppM-modeS-modeU-modePMPMMUAppAppNon-trusted DomainTrusted DomainManagement DomainRoot DomainRISC-V SECURITY MODEL5 RISC-V EXTERNAL DEBUG

2、OVERVIEW6 RISC-V DEBUG SECURITYAll-or-nothing,controlled via fuse or authdata and authenticatedOnce enabled,external debugger has highest priority regardless of target privilege7 WHATS THE ISSUE?M-mode FirmwareNon-SecureDomainHigh-SecureDomainM-modeS-modePMPDebugModuleDMI/DTMOnce enabled,external de

3、bugger has highest privilege regardless of target privilegeA non-secure FW developer who can use debugger to debug non-secure FW can compromise high-secure FW and M-mode monitorProgram bufferDebugmode8 WHY THIS IS A PROBLEM?Modern SOC software development consists of multiple actors,they all need ex

4、ternal debug One actor wants to protect its confidential data from another actor(Silicon creator considers Silicon owner as adversary)Silicon CreatorSilicon OwnerAppProviderSOCSystemSource-Project OpenTitanDisable debug for best security!I need to debug my software!9 WHY THIS IS A PROBLEM?M-mode Mon

5、itorRTOSAppRich OSManagementFirmwareAppM-modeS-modeU-modePMPMMUAppAppTheres strong requirement to protect high security domains data even within one actor,to reduce TCBIn this example we want to protect management domain or M-mode monitor from low security domain(RTOS)when using external debugger to

6、 debug RTOSDisable Debug!Enable Debug!10 EXAMPLEOEM attack SOC vendorM-mode monitorOEM Code/DataSOC VendorCode/DataM-modeS-modePMPDebugModuleDMI/DTMAdversary OEM(or SOC vendor)Asset SOC vendor(or OEM)code/dataThe attack SOC vendor code/data shall be confidential to OEM and vice versa.However,an OEM(