Open Source Summit Japan & Automotive Linux Summit 2020

Historically, computer architecture security has relied on processor or privilege modes where code was allowed to execute. As applications became more complex, specifically with the advent of large-scale virtualization and the internet, this simple security model broke down as executed code could no longer be trusted, nor its origin verified. The problem of “secure remote computation” arises where the data owner must trust not only the software provider, but also the remote computer and infrastructure on which that software is executed.

Trusted Execution Environments (TEEs) have been available in implementations like Arm TrustZone and Intel Software Guard Extensions SGX for almost a decade. RISC-V has recently ratified its Physical Memory Protection (PMP) specification, and is currently hard at work on Supervisor Mode PMP and I/O PMP. This talk will cover a brief history of TEEs, an explanation of TrustZone and SGX, as well as an introduction to RISC-V PMP features available today and those still to come. We will briefly cover existing open source implementations of RISC-V PMP and what we can expect to see in 2021.