Sancus: Lightweight and Open-Source Trusted Computing for the IoT

Research Plan for year 1: The first yearly work plan for the proposal titled “Domain-specific Secure processor design inherently resistant to micro-architectural side-channel attacks” is to investigate each and every architectural components in an embedded Risc-V processor from the security standpoint and understand whether the each of the component could be exploited under certain assumptions. It may also happen that the components alone are secure, but could pose to be exploitable when multiple events are combined. Thus one of the foremost and interesting objective is to rethink the Risc-V architecture from the viewpoint of a security engineer and thus to uncover Micro-architectural vulnerabilities in the existing design. In this exercise, the experiments and the domain knowledge acquired is extremely essential for the next phase of the project.The next phase of the project is to design the new secure processor architecture with a bottom-up approach. The ultimate objective is to explore the security vs performance benefits of the new design primitives. For this, we choose the Sancus project and aim to incorporate the secure design alternatives to the main framework of the ongoing Sancus research. The inherent advantages that Sancus provides are Software Module Isolation, remote attestation, secure communication, secure linking, confidential deployment, hardware breach confinement. The ultimate objective of this project would be to combine the good of the both worlds architecture and security and deploy the entire workable design on the FPGA.

Keywords:Secure processor design, micro-architectural attacks, RISC-V

Disciplines:Computer communication networks