Page 22 - 23_EETE_03
P. 22
22 EE|Times EUROPE
EMBEDDED WORLD 2023: SECURITY FOCUS
Codasip Takes Up the Cause of RISC-V Processor
Security
By Saumitra Jagdale
ISC-V has gathered considerable momentum in
recent years, aided by companies like Google,
which has announced its Android mobile operating
Rsystem’s support for the open-source instruction
set architecture. Companies are using the architecture for a
variety of processing applications, and Codasip, a founding
member of RISC-V International, aims to provide customers
with tools to develop processor cores tailored to their needs.
Codasip customers have shipped more than 2 billion
cores based on RISC-V, Rupert Baines, CMO of the com-
pany, told EE Times Europe during a recent interview in
which he discussed the security trends in processors and
ISAs.
“The customer has complete ownership of the architec-
ture license and can customize the cores however needed,”
Baines said. With a customized chip development platform
and programming language with a high level of abstraction,
the developer does not have to worry about the implemen-
tation. This abstraction allows the user to add security
features to cores in a way that is as simple as importing a
library or changing compiler settings, according to Baines. CERBERUS ACQUISITION
The advantage is that the abstraction mitigates vulnerabilities like Baines said the recent acquisition of Cerberus by Codasip figures into
Spectre and Meltdown, which are introduced as a result of errors as its platform’s security implementation. Cerberus has deep experience
security implementations are typed in line by line. The high level of in chip security, ranging from consumer electronics to large-scale
abstraction allows added security features to be tested and verified by projects and extending beyond consulting to development of secu-
Codasip while being completely transparent to an audit if the client so rity solutions. Previously, Codasip would recommend Cerberus to its
chooses, said Baines. customers. The acquisition brings Cerberus intellectual property and
technology assets under the Codasip umbrella to become an integral
DUAL-CORE LOCK-STEP APPROACH part of the Codasip Labs platform for building and testing processor
A fundamental concept in the design of fault-proof systems is the dual- specifications, extending the platform’s features of ease of use and
core lock-step approach, in which two cores run the same operation complete customizability, according to Baines.
(in parallel, often with a few cycles’ worth of delay) and the output of The acquisition comes amid growing attention worldwide on
these independent operations is compared. Any deviation between the security, with countries like the U.K. having already developed safety
outputs will signal that there is a security issue. standards for IoT applications. The heightened emphasis on security
Every core type has this implementation, but the details vary. For highlights the need for companies to invest in strong measures to pro-
example, ARM implements the feature as a black box. There’s no way tect their customers and prevent potential breaches. Security features
to run a detailed audit of the implementation; the user has to trust the are no longer considered optional extras but increasingly critical capa-
manufacturer that the security system works. bilities. The threats, and thus the security implementation, will vary
In most cases, however, it is preferable to be able to audit and test with the application. In automotive, for example, security vulnerabili-
dual-core lock-step implementations, using the open-source capabili- ties are a potentially fatal flaw.
ties supported by the RISC-V standard.
Codasip’s implementation of the dual-core lock-step method SecuRISC5 INITIATIVE TO ORGANIZE THE INDUSTRY
involves introducing a jitter between the two parallel procedures while These recent changes are part of Codasip’s security initiative,
comparing them in a context that understands this jitter, an approach SecuRISC5. The initiative extends to fostering partnerships among
that the company says prevents myriad vulnerabilities and attacks from companies to accelerate the adoption of security recommendations.
breaching the system. In addition to implementing this concept, Apart from offering security solutions, Codasip will be implementing
Codasip allows for customers to test, audit and examine the implemen- standards described by RISC-V International under the initiative. The
tation in detail, with relative ease. company also intends to develop reference security implementations
for specific use cases that others can use to develop their own solu-
tions. The references will follow the latest standards outlined by the
RISC-V Foundation, said Baines.
“RISC-V is changing the world of processors,” he said. “The opportu-
nities the technology presents are phenomenal.” IMAGE: SHUTTERSTOCK
Codasip is growing in response to this change by hiring experts and
investing in acquisitions like Cerberus that will help the company add
Dual-issue core (Source: Codasip) functionality and feature sets to its products. ■
MARCH 2023 | www.eetimes.eu
