Building a Secure Platform
with the Enhanced IOPMP
Shan-Chyun Ku, Deputy Technical Director
Andes Technology
December 9, 2020
Taking RISC-V® Mainstream 2
Biography of Shan-Chyun Ku
Technical Areas
• SoC Architect, SoC Security
• Parallel Algorithms, System-level Performance Analysis
Industry Experience
• Andes, 2019: Deputy Technical Director of Architecture
• Realtek, 2009: Manager of SoC, VoIP, and BSP
• Cadence, 2006: Member of Consulting Staff
• Faraday, 2001: Deputy Manager of Core Technology
Education
• PhD, CS, National Tsing-Hua University (Taiwan)
• BS, CS, National Tsing-Hua University (Taiwan)
Agenda
1. Why Have IOPMP?
2. Enhanced IOPMP
3. Example: Root-of-Trust
4. AndeSentry™ Brief
Why Have IOPMP?
• Vulnerabilities of platforms give hackers the chance to access
or tamper with sensitive data or devices.
• PMP: checks the accesses issued from RISC-V harts.
• IOPMP: checks the accesses issued from other bus masters.
A Platform without an IOPMP
[Figure: block diagram of a platform with an RV hart (behind a PMP), a general DMA and a non-RV core as bus masters, and a memory controller, SRAM/ROM, eFuse and off-chip storage as targets, connected by a high-speed bus and an MMIO bus; arrows show the bus command direction.]
• Transactions issued from the RV hart: checked by PMP.
• Transactions issued from DMA: never checked.
• Malicious SW can utilize DMA to access any data.
A Platform with an IOPMP
[Figure: the same platform block diagram with two IOPMPs added.]
• Transactions issued from other masters: checked by IOPMP.
What is an IOPMP?
PMP and IOPMP
• PMP: check the transactions issued from RISC-V harts
• IOPMP: check the transactions issued by other bus masters or by another subsystem
• Similarity: both are ordered rule-based checkers
• Status: PMP is ratified while IOPMP is still ongoing
Our Enhancement and Modification
• What we modify in the current IOPMP proposals:
– Skip transactions that have already been checked (especially those checked by a PMP).
– Provide flexible methods to respond to an illegal access, e.g. forged data, a bus error, or an interrupt.
– Optionally support speculative accesses.
– Support up to 65,536 entries by using page and page index.
– Support up to 16,384 bus masters, by modifying the encoding scheme.
– Support an “all bus masters” option, making it easier to block out all accesses.
– Suggest methods to integrate with existing subsystems or nested subsystems.
• IOPMP: refers to the proposed enhancement for the rest of this talk
MID of Bus Masters
• Master ID (MID): uniquely identifies
– a bus master, or
– a group of masters with the same permission.
• If the MID is configurable, it is fixed before entering the REE.
• Multi-channel DMA: one permission maps to an MID
• Multi-privilege DMA: one privilege maps to an MID
• MID=0 implies a trusted master.
– A RISC-V core with a well-configured PMP. (more detail later)
MID of a Transaction
• Every transaction carries an MID, initialized to the MID of the
master issuing the transaction.
• The MID is changed to zero or even omitted after the
transaction passes a checker.
• Such a transaction bypasses subsequent IOPMPs’ checking.
MID Examples
[Figure: block diagram. A regulated RISC-V core behind a PMP issues transactions with MID=0. Another bus master (an unregulated core or a device w/ DMA) issues transactions with MID!=0. A 2-channel DMA takes its MID from the channel number: ch0.MID (!=0) and ch1.MID (!=0). The platform also contains two IOPMPs, a memory controller, SRAM/ROM, peripherals and off-chip storage.]
MID Modification Rules
• When a transaction passes a regulated checker (described later), its MID can be changed to zero or even be omitted:
– Rule-1: the MID is set to 0 if the transaction passes one or more regulated checkers.
– Rule-2: the MID is omitted on a bus if every slave port of the bus is a leaf device (not a bridge connecting to another bus as a master) or another Rule-2 bus, and all possible transactions sent to the bus are legal (e.g. MID=0 or no MID).
Example of MID Modification Rules
[Figure: two example topologies with RISC-V cores behind PMPs (MID=0), bus masters with MID!=0, IOPMPs and devices, marking which buses carry an MID and which carry no MID as a result of Rule-1 (R1) and Rule-2 (R2).]
MID Encoding in IOPMP Entry
• An MID uses up to 14 bits, allowing 16,384 MIDs.
• An IOPMP entry contains up to 16 MIDs, by “MID.h” and “MID.l”.
• MID[13:0] is split into MID[13:4] and MID[3:0]:
– Upper 10 bits use binary encoding: MID[13:4] is compared (==) with MID.h[9:0].
– Lower 4 bits use bitmap encoding: MID[3:0] selects a bit of MID.l[15:0].
• Does the entry contain the MID? Only if both conditions hold (&&).
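The membership test on this slide, written out as an added C example (not code from the talk or from Andes); the struct, the function names and the sample MIDs are assumptions made for illustration. It also packs an arbitrary MID list into entries, which shows that masters sharing a permission only share an entry when their MIDs agree in the upper 10 bits.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MID_BITS 14u
#define MID_MAX  ((1u << MID_BITS) - 1u)   /* 16,384 MIDs: 0 .. 0x3FFF */

/* MID part of one IOPMP entry, as on the slide (field names are assumed). */
struct iopmp_mid_field {
    uint16_t mid_h;  /* MID.h[9:0]: binary-encoded upper 10 bits of the group */
    uint16_t mid_l;  /* MID.l[15:0]: bit n set => the MID with low nibble n   */
};

/* "Does the entry contain the MID?"
 * MID[13:4] == MID.h[9:0]  &&  MID.l[ MID[3:0] ] is set. */
bool iopmp_entry_has_mid(const struct iopmp_mid_field *e, uint16_t mid)
{
    if (mid > MID_MAX)
        return false;                       /* does not fit in 14 bits */
    return ((unsigned)(mid >> 4) == (e->mid_h & 0x3FFu)) &&
           (((unsigned)e->mid_l >> (mid & 0xFu)) & 1u);
}

/* Pack arbitrary MIDs into as few entries as the encoding allows: one entry
 * per distinct MID[13:4] value. Returns the number of entries used, or -1 if
 * an MID is out of range or `cap` entries are not enough. */
int iopmp_pack_mids(const uint16_t *mids, size_t n,
                    struct iopmp_mid_field *out, size_t cap)
{
    size_t used = 0;
    for (size_t i = 0; i < n; i++) {
        if (mids[i] > MID_MAX)
            return -1;
        uint16_t hi = (uint16_t)(mids[i] >> 4);
        size_t j = 0;
        while (j < used && out[j].mid_h != hi)
            j++;                            /* look for an entry of this group */
        if (j == used) {                    /* none yet: open a new entry */
            if (used == cap)
                return -1;
            out[used].mid_h = hi;
            out[used].mid_l = 0;
            used++;
        }
        out[j].mid_l |= (uint16_t)(1u << (mids[i] & 0xFu));
    }
    return (int)used;
}

/* Constructed sample: four masters that should share one permission. Three
 * fall in group 0x002, one in group 0x013, so two entries are needed. */
static const uint16_t SAMPLE_MIDS[] = { 0x021, 0x022, 0x02F, 0x130 };
static struct iopmp_mid_field sample_entries[4];

int main(void)
{
    int n = iopmp_pack_mids(SAMPLE_MIDS, 4, sample_entries, 4);
    for (int i = 0; i < n; i++)
        printf("entry %d: MID.h=0x%03x MID.l=0x%04x\n", i,
               (unsigned)sample_entries[i].mid_h,
               (unsigned)sample_entries[i].mid_l);
    printf("0x022 in entry 0: %d\n",
           iopmp_entry_has_mid(&sample_entries[0], 0x022));
    printf("0x023 in entry 0: %d\n",
           iopmp_entry_has_mid(&sample_entries[0], 0x023));
    return 0;
}
```

Assigning MIDs so that masters with the same permission sit in one 16-aligned block keeps the number of entries per rule at one.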
Secure Boot
• Secure boot plays an important role in a secure platform.
• Basically, initialize and lock the PMP, IOPMP, and MID:
– MIDs (if applicable)
– Private regions for each master and each mode
• e.g. keys, random seed, device id, private data, Monitor space, anti-rollback counter, IOPMP control registers and other peripherals’ control registers...
– NX and prohibited regions for each master and mode
• prevent the Security Monitor from unintentionally executing malicious code
• Bring up the Security Monitor, which secures the runtime environment.
Regulated Checkers
• Initialized to give the Security Monitor and sensitive data a baseline protection. It should
– prevent U/S-mode from accessing them,
– prevent the Monitor from unintentionally executing unwanted code,
– prevent DMA from accessing unwanted space,
– prevent non-Monitor software from controlling IOPMPs, and
– protect sensitive data even when the Monitor is compromised.
Regulated Checker
• A PMP is a regulated checker if
– It is initialized according to the previous requirements (slide 19, “Regulated Checkers”), and
– The initialization is performed during the secure boot.
• An IOPMP is a regulated checker if
– It is initialized according to the previous requirements, and
– All possible transactions to control the IOPMP are regulated.
• A transaction passing all regulated checkers on its way is regulated.
Secure Platforms and IOPMPs
• All possible transactions are regulated.
• IOPMP can be placed close to masters or close to devices.
[Figure: the same platform (RV-core with PMP, crypto engine and NIC w/ DMA; memory controller, SRAM/ROM, eFuse and off-chip storage) drawn twice, once with IOPMP-1 and IOPMP-2 placed close to devices and once with them placed close to masters.]
An Example of Root-of-Trust
Utilizing PMP, IOPMP, and Secure Boot
[Figure: block diagram. RV hart with PMP, crypto engine (with key buffer, K.B.) and NIC w/ DMA; memory controller, SRAM/ROM, eFuse (holding Key and ARcnt) and off-chip storage; IOPMP-1 and IOPMP-2; a high-speed bus and an MMIO bus, with arrows showing the bus command direction.]
eFuse: stores sensitive data
• Keys: to encrypt and decrypt for networks or off-chip storage
• ARcnt: an anti-rollback counter for updatable firmware
Crypto engine: encryption & decryption
• Direct memory access: cipher and plain text
• Key buffer (K.B.): stores cipher keys
A Root-of-Trust: ZSBL
• Boot ROM: ZSBL (Zero Stage Boot Loader)
• Any access from ZSBL is allowed.
– Set some MIDs if they are configurable.
– Copy keys from eFuse into the key buffer.
– Perform key updates if applicable.
– Verify and/or select an FSBL (First Stage Boot Loader) from off-chip storage, and update ARcnt if necessary.
A Root-of-Trust: ZSBL to FSBL
• Set and lock these rules at the highest priority
– eFuse: no access (PMP+IOPMP2)
– Key buffer: no access (PMP+IOPMP2)
– Control registers of Crypto engine:
• PMP: M-mode only
• IOPMP2: no one else but MID=0
• Jump to selected FSBL
• Do system initialization.
• Set more MIDs if necessary.
• Verify and/or select one Security Monitor.
• Load the Security Monitor into protected memory.
A Root-of-Trust: FSBL
• Set and lock more rules. Example:
• Monitor region:
– PMP for code and data: M-mode only
– IOPMP-1 for code: no one else but MID=0
– IOPMP-1 for crypto buffer: Crypto engine only
• DMA buffers: used by S/U-mode
– PMP: NX for M-mode
– IOPMP-1: the only place DMAs can access
• Non-Monitor region:
– PMP: NX M-mode
– MID control registers: non-writable
– IOPMP control registers:
• PMP: M-mode only
• IOPMP-2: no one else but MID=0
A Root-of-Trust: FSBL to Monitor
• Finally, jump to Security Monitor!
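The rule ordering and locking in the boot sequence above, as an added C model (not code from the talk or from Andes). The addresses, MID assignments, first-match semantics and the 32-bit MID bitmask are assumptions for illustration; a real IOPMP entry uses the MID.h/MID.l encoding.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* All MIDs and addresses below are constructed for this example. */
enum { MID_HART = 0, MID_CRYPTO = 1, MID_NIC = 2 };
enum { PERM_NONE = 0, PERM_R = 1, PERM_W = 2, PERM_RW = 3 };
#define MID_ALL     0xFFFFFFFFu   /* the "all bus masters" option */
#define MID_BIT(m)  (1u << (m))
#define N_RULES     8
#define EFUSE_BASE  0x10000000u
#define KEYBUF_BASE 0x10001000u
#define CRYPTO_CTRL 0x10002000u
#define MON_CODE    0x80000000u   /* start of RAM in this sample map */
#define CRYPTO_BUF  0x80080000u
#define DMA_BUF     0x80100000u

struct rule {
    uint32_t base, size;  /* region [base, base + size) */
    uint32_t mids;        /* simplified bitmask of MIDs 0..31 */
    uint8_t  perm;
    bool     valid, locked;
};
struct iopmp { struct rule r[N_RULES]; };
static struct iopmp iopmp1, iopmp2;   /* memory side, MMIO side */

/* Program entry idx; refused once that entry has been locked. */
int iopmp_set(struct iopmp *p, size_t idx, uint32_t base, uint32_t size,
              uint32_t mids, uint8_t perm, bool lock)
{
    if (idx >= N_RULES || p->r[idx].locked)
        return -1;
    p->r[idx] = (struct rule){ base, size, mids, perm, true, lock };
    return 0;
}

/* Ordered check: the lowest-numbered matching entry decides, no match denies.
 * MID 0 marks an already-regulated transaction (checked by the PMP) and
 * bypasses the IOPMP. */
bool iopmp_check(const struct iopmp *p, unsigned mid, uint32_t addr, uint8_t want)
{
    if (mid == MID_HART)
        return true;
    if (mid >= 32)
        return false;
    for (size_t i = 0; i < N_RULES; i++) {
        const struct rule *r = &p->r[i];
        if (r->valid && addr - r->base < r->size && (r->mids & MID_BIT(mid)))
            return (r->perm & want) == want;
    }
    return false;
}

/* ZSBL to FSBL: highest-priority MMIO-side rules, set and locked. */
void zsbl_lock_rules(void)
{
    iopmp_set(&iopmp2, 0, EFUSE_BASE,  0x1000, MID_ALL, PERM_NONE, true);
    iopmp_set(&iopmp2, 1, KEYBUF_BASE, 0x100,  MID_ALL, PERM_NONE, true);
    iopmp_set(&iopmp2, 2, CRYPTO_CTRL, 0x100,  MID_ALL, PERM_NONE, true);
}

/* FSBL: Monitor code, crypto buffer and DMA buffers on the memory side. */
void fsbl_lock_rules(void)
{
    iopmp_set(&iopmp1, 0, MON_CODE,   0x80000, MID_ALL, PERM_NONE, true);
    iopmp_set(&iopmp1, 1, CRYPTO_BUF, 0x1000,  MID_BIT(MID_CRYPTO), PERM_RW, true);
    iopmp_set(&iopmp1, 2, DMA_BUF,    0x10000, MID_BIT(MID_NIC), PERM_RW, true);
}

void platform_boot(void)
{
    iopmp1 = (struct iopmp){0};
    iopmp2 = (struct iopmp){0};
    zsbl_lock_rules();
    fsbl_lock_rules();
}

/* Boot, then route one access to the IOPMP guarding its target. */
bool dma_allowed(unsigned mid, uint32_t addr, uint8_t want)
{
    platform_boot();
    return iopmp_check(addr < MON_CODE ? &iopmp2 : &iopmp1, mid, addr, want);
}

/* After boot, a compromised Monitor tries to open the eFuse to the NIC.
 * Rewriting locked entry 0 fails; a free lower-priority entry can still be
 * written but never wins against entry 0. True if the eFuse stays closed. */
bool efuse_survives_tamper(void)
{
    platform_boot();
    int rewrite = iopmp_set(&iopmp2, 0, EFUSE_BASE, 0x1000, MID_ALL, PERM_RW, false);
    int append  = iopmp_set(&iopmp2, 5, EFUSE_BASE, 0x1000, MID_BIT(MID_NIC), PERM_R, false);
    return rewrite == -1 && append == 0 &&
           !iopmp_check(&iopmp2, MID_NIC, EFUSE_BASE + 4, PERM_R);
}

int main(void)
{
    printf("NIC -> DMA buffer : %d\n", dma_allowed(MID_NIC, DMA_BUF, PERM_RW));
    printf("NIC -> Monitor    : %d\n", dma_allowed(MID_NIC, MON_CODE, PERM_R));
    printf("eFuse stays closed: %d\n", efuse_survives_tamper());
    return 0;
}
```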
A Brief of AndeSentry™
AndeSentry™
• An Open Framework:
– Threat mitigation: from cyber attacks to physical attacks
– Flexible
• Selectable components for different kinds of requirements
• Robustness driven, power driven, cost driven, and so on
– Scalable
• Systems built from a single MCU, multi-core, or even sub-systems.
– Trustable
• Andes with over 15 years of experience in the processor industry
• Partners: strong domain know-how, and rich experience in certification
AndeSentry™ Security Framework
AndeSentry™ Security Solution
Trusted Execution Environment:
• Secure boot
• Security monitor
• Root-of-Trust
• Secure Interruption
Physical Attack Mitigation:
• Side-channel mitigation
• Fault-injection protection
• Secure debugger
• Secure storage
• Security element
Runtime Protection:
• Stack under/overflow protection
• ROP protection
• Code modification protection
• Control flow hijack protection
Crypto Acceleration:
• Hardware crypto engine
• Crypto-efficiency ISA
• Security element
AndeSentry™ Components
[Figure: AndeSentry™ component stack. HW: PMP, IOPMP, TRNG, Root-of-Trust, security element, crypto-efficiency ISA, crypto engine, secure debug, secure storage (off-chip and on-chip). SW: Crypto Library and Security Monitor (M-mode); REE OS and TEE OS with REE Apps and TEE Apps (U-mode and/or S-mode). Also listed: control flow hijack protection, code protection, ROT protection, fault injection protection, stack protection, and many more.]
Andes Security Partners and Ecosystem
THANK YOU
Arthur Morgan
 
SAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdf
SAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdfSAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdf
SAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdf
Precisely
 
What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...
Vishnu Singh Chundawat
 
HCL Nomad Web – Best Practices and Managing Multiuser Environments
HCL Nomad Web – Best Practices and Managing Multiuser EnvironmentsHCL Nomad Web – Best Practices and Managing Multiuser Environments
HCL Nomad Web – Best Practices and Managing Multiuser Environments
panagenda
 
Role of Data Annotation Services in AI-Powered Manufacturing
Role of Data Annotation Services in AI-Powered ManufacturingRole of Data Annotation Services in AI-Powered Manufacturing
Role of Data Annotation Services in AI-Powered Manufacturing
Andrew Leo
 
Quantum Computing Quick Research Guide by Arthur Morgan
Quantum Computing Quick Research Guide by Arthur MorganQuantum Computing Quick Research Guide by Arthur Morgan
Quantum Computing Quick Research Guide by Arthur Morgan
Arthur Morgan
 
Linux Support for SMARC: How Toradex Empowers Embedded Developers
Linux Support for SMARC: How Toradex Empowers Embedded DevelopersLinux Support for SMARC: How Toradex Empowers Embedded Developers
Linux Support for SMARC: How Toradex Empowers Embedded Developers
Toradex
 
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptxDevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
Justin Reock
 
Designing Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep Dive
Designing Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep DiveDesigning Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep Dive
Designing Low-Latency Systems with Rust and ScyllaDB: An Architectural Deep Dive
ScyllaDB
 
Into The Box Conference Keynote Day 1 (ITB2025)
Into The Box Conference Keynote Day 1 (ITB2025)Into The Box Conference Keynote Day 1 (ITB2025)
Into The Box Conference Keynote Day 1 (ITB2025)
Ortus Solutions, Corp
 
Technology Trends in 2025: AI and Big Data Analytics
Technology Trends in 2025: AI and Big Data AnalyticsTechnology Trends in 2025: AI and Big Data Analytics
Technology Trends in 2025: AI and Big Data Analytics
InData Labs
 
Semantic Cultivators : The Critical Future Role to Enable AI
Semantic Cultivators : The Critical Future Role to Enable AISemantic Cultivators : The Critical Future Role to Enable AI
Semantic Cultivators : The Critical Future Role to Enable AI
artmondano
 
Cybersecurity Identity and Access Solutions using Azure AD
Cybersecurity Identity and Access Solutions using Azure ADCybersecurity Identity and Access Solutions using Azure AD
Cybersecurity Identity and Access Solutions using Azure AD
VICTOR MAESTRE RAMIREZ
 
Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...
Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...
Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...
BookNet Canada
 
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes
 
tecnologias de las primeras civilizaciones.pdf
tecnologias de las primeras civilizaciones.pdftecnologias de las primeras civilizaciones.pdf
tecnologias de las primeras civilizaciones.pdf
fjgm517
 
Special Meetup Edition - TDX Bengaluru Meetup #52.pptx
Special Meetup Edition - TDX Bengaluru Meetup #52.pptxSpecial Meetup Edition - TDX Bengaluru Meetup #52.pptx
Special Meetup Edition - TDX Bengaluru Meetup #52.pptx
shyamraj55
 
How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?
Daniel Lehner
 
Complete Guide to Advanced Logistics Management Software in Riyadh.pdf
Complete Guide to Advanced Logistics Management Software in Riyadh.pdfComplete Guide to Advanced Logistics Management Software in Riyadh.pdf
Complete Guide to Advanced Logistics Management Software in Riyadh.pdf
Software Company
 
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Aqusag Technologies
 
Big Data Analytics Quick Research Guide by Arthur Morgan
Big Data Analytics Quick Research Guide by Arthur MorganBig Data Analytics Quick Research Guide by Arthur Morgan
Big Data Analytics Quick Research Guide by Arthur Morgan
Arthur Morgan
 
SAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdf
SAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdfSAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdf
SAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdf
Precisely
 
What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...
Vishnu Singh Chundawat
 

Andes building a secure platform with the enhanced iopmp

  • 1. Building a Secure Platform with the Enhanced IOPMP Shan-Chyun Ku, Deputy Technical Director Andes Technology December 9, 2020
  • 2. Biography of Shan-Chyun Ku
      • Technical Areas
          – SoC Architect, SoC Security
          – Parallel Algorithms, System-level Performance Analysis
      • Industry Experience
          – Andes, 2019: Deputy Technical Director of Architecture
          – Realtek, 2009: Manager of SoC, VoIP, and BSP
          – Cadence, 2006: Member of Consulting Staff
          – Faraday, 2001: Deputy Manager of Core Technology
      • Education
          – PhD, CS, National Tsing-Hua University (Taiwan)
          – BS, CS, National Tsing-Hua University (Taiwan)
  • 3. Agenda
      • 1. Why Have IOPMP?
      • 2. Enhanced IOPMP
      • 3. Example: Root-of-Trust
      • 4. AndeSentry™ Brief
  • 4. Why Have IOPMP?
  • 5. Why Have IOPMP?
      • Vulnerabilities of platforms give hackers the chance to access or tamper with sensitive data or devices.
      • PMP: checks the accesses issued from RISC-V harts.
      • IOPMP: checks the accesses issued from other bus masters.
  • 6. A Platform without an IOPMP
      • Transactions issued from the RV hart: checked by PMP
      • [Diagram labels: RV hart, PMP, General DMA, non-RV core, mem controller, SRAM/ROM, eFuse, off-chip storage, high-speed bus, MMIO bus; arrows show bus command direction]
  • 7. A Platform without an IOPMP
      • Transactions issued from DMA: never checked
      • Malicious SW can utilize DMA to access any data.
      • [Diagram labels: RV hart, PMP, General DMA, non-RV core, mem controller, SRAM/ROM, eFuse, off-chip storage]
  • 8. A Platform with an IOPMP
      • Transactions issued from other masters: checked by IOPMP
      • [Diagram labels: RV hart, PMP, General DMA, non-RV core, two IOPMPs, mem controller, SRAM/ROM, eFuse, off-chip storage]
  • 9. What is an IOPMP?
  • 10. PMP and IOPMP
      • PMP: checks the transactions issued from RISC-V harts
      • IOPMP: checks the transactions issued by other bus masters or by another subsystem
      • Similarity: both are ordered rule-based checkers
      • Status: PMP is ratified while IOPMP is still ongoing
  • 11. Our Enhancement and Modification
      • What we modify in the current IOPMP proposals:
          – Skip already-checked transactions (especially those checked by PMP).
          – Provide flexible methods to respond to an illegal access, e.g. forged data, a bus error, or an interrupt.
          – Optionally support speculative accesses.
          – Support up to 65,536 entries by using page and page index.
          – Support up to 16,384 bus masters, by modifying the encoding scheme.
          – Support an “all bus masters” option, making it easier to block out all accesses.
          – Suggest methods to integrate with existing subsystems or nested subsystems.
      • IOPMP: refers to the proposed enhancement for the rest of the talk
  • 12. MID of Bus Masters
      • Master ID (MID): uniquely identify
          – a bus master, or
          – a group of masters with the same permission.
      • Be fixed before entering REE, if it is configurable.
      • Multi-channel DMA: one permission → an MID
      • Multi-privilege DMA: one privilege → an MID
      • MID=0 implies a trusted master.
          – A RISC-V core with a well-configured PMP. (more detail later)
  • 13. MID of a Transaction
      • Every transaction carries an MID, initialized to the MID of the master issuing the transaction.
      • The MID is changed to zero or even omitted after the transaction passes a checker.
      • Such a transaction bypasses subsequent IOPMPs’ checking.
  • 14. MID Examples
      • [Diagram labels: Regulated RISC-V core, PMP, MID=0; 2-ch DMA, channel no, ch0.MID (!=0), ch1.MID (!=0); Other bus master (unregulated core or device w/ DMA), MID!=0; two IOPMPs; mem controller, SRAM/ROM, peripherals, off-chip storage]
  • 15. MID Modification Rules
      • While a transaction passes a regulated checker, depicted later, its MID can be changed to zero or even be omitted:
          – Rule-1: MID → 0 if the transaction passes 1+ regulated checker.
          – Rule-2: MID → omitted on a bus if every slave port of it is a leaf device, not a bridge connecting to another bus as a master, or another Rule-2 bus, and all possible transactions sent to the bus are legal (e.g. MID=0 or no MID).
  • 16. Example of MID Modification Rules
      • [Diagram labels: a bus with MID; a bus WITHOUT MID; RISC-V, PMP, MID=0; Bus Master, MID!=0; IOPMP; device; annotations “by R1”, “by R2”, “no MID”]
  • 17. MID Encoding in IOPMP Entry
      • An MID uses up to 14 bits, or 16,384 MIDs.
      • An IOPMP entry contains up to 16 MIDs, by “MID.h” and “MID.l”.
      • [Diagram: MID[13:0] is split into MID[13:4] and MID[3:0]. Upper 10 bits use binary encoding: MID[13:4] == MID.h[9:0]. Lower 4 bits use bitmap encoding: MID[3:0] selects a bit of MID.l[15:0]. The two results are combined with && to answer “Does the entry contain the MID?”]
  • 18. Secure Boot
      • Secure boot plays an important role in a secure platform.
      • Basically initialize and lock: PMP, IOPMP, and MID
          – MIDs (if applicable)
          – Private regions for each master and each mode
              • e.g. keys, random seed, device id, private data, Monitor space, anti-rollback counter, IOPMP control registers and other peripherals’ control registers...
          – NX and prohibited regions for each master and mode
              • prevent Security Monitor from unintentionally executing malicious code
      • Bring up the Security Monitor that makes the runtime environment secure.
  • 19. Regulated Checkers
      • Initialized to provide the Security Monitor and sensitive data with a baseline protection. It should
          – prevent U/S-mode from accessing,
          – prevent Monitor from unintentionally executing unwanted code,
          – prevent DMA from accessing unwanted space,
          – prevent non-Monitor from controlling IOPMPs, and
          – protect sensitive data even when Monitor is compromised.
  • 20. Regulated Checker
      • A PMP is a regulated checker if
          – It is initialized according to the previous requirements (P19), and
          – The initialization is performed during the secure boot.
      • An IOPMP is a regulated checker if
          – It is initialized according to the previous requirements,
          – All possible transactions to control the IOPMP are regulated.
      • A transaction passing all regulated checkers on its way is regulated.
  • 21. Secure Platforms and IOPMPs
      • All possible transactions are regulated.
      • IOPMP can be placed close to masters or close to devices.
      • [Two diagrams, labelled “close to devices” and “close to masters”, each with: RV-core, PMP, Crypto engine, NIC w/ DMA, IOPMP-1, IOPMP-2, mem controller, SRAM/ROM, eFuse, off-chip storage]
  • 22. An Example of Root-of-Trust
  • 23. An Example Root-of-Trust Utilizing PMP, IOPMP, and Secure Boot
      • eFuse: store sensitive data
          – Keys: to encrypt and decrypt for networks or off-chip storages
          – ARcnt: an anti-rollback counter for updatable firmware
      • Crypto engine: encryption & decryption
          – Direct memory access: cipher and plain text
          – Key buffer (K.B.): store cipher keys
      • [Diagram labels: RV hart, PMP, Crypto Engine, K.B., NIC w/ DMA, IOPMP-1, IOPMP-2, mem controller, SRAM/ROM, eFuse, Key, ARcnt, off-chip storage, high-speed bus, MMIO bus; arrows show bus command direction]
  • 24. A Root-of-Trust: ZSBL
      • Boot ROM: ZSBL (Zero Stage Boot Loader)
      • Any access from ZSBL is allowed.
          – Set some MIDs if they are configurable.
          – Copy Keys from eFuse into the Key buffer.
          – Perform keys update if applicable.
          – Verify and/or select an FSBL (First Stage Boot Loader) from off-chip storage, and update ARcnt if necessary.
      • [Diagram labels: RV hart, PMP, Crypto Engine, K.B., non-RV core, IOPMP-1, IOPMP-2, mem controller, SRAM/ROM, eFuse, Key, ARcnt, off-chip storage]
  • 25. A Root-of-Trust: ZSBL to FSBL
      • Set and lock these rules in highest priority
          – eFuse: no access (PMP+IOPMP2)
          – Key buffer: no access (PMP+IOPMP2)
          – Control registers of Crypto engine:
              • PMP: M-mode only
              • IOPMP2: no one else but MID=0
      • Jump to selected FSBL
      • Do system initialization.
      • Set more MIDs if necessary.
      • Verify and/or select one Security Monitor.
      • Load the Security Monitor into protected memory.
      • [Diagram labels: RV hart, PMP, Crypto Engine, K.B., non-RV core, IOPMP-1, IOPMP-2, mem controller, SRAM/ROM, eFuse, Key, ARcnt, off-chip storage]
  • 26. A Root-of-Trust: FSBL
      • Set and lock more rules. Example:
      • Monitor region:
          – PMP for code and data: M-mode only
          – IOPMP-1 for code: no one else but MID=0
          – IOPMP-1 for crypto buffer: Crypto engine only
      • DMA buffers: used by S/U-mode
          – PMP: NX for M-mode
          – IOPMP-1: the only place DMAs can access
      • Non-Monitor region:
          – PMP: NX M-mode
          – MID control registers: non-writable
          – IOPMP control registers:
              • PMP: M-mode only
              • IOPMP-2: no one else but MID=0
      • [Diagram labels: RV hart, PMP, Crypto Engine, K.B., non-RV core, IOPMP-1, IOPMP-2, mem controller, SRAM/ROM, eFuse, Key, ARcnt, off-chip storage]
  • 27. A Root-of-Trust: FSBL to Monitor
      • Finally, jump to Security Monitor!
      • [Diagram labels: RV hart, PMP, Crypto Engine, K.B., non-RV core, IOPMP-1, IOPMP-2, mem controller, SRAM/ROM, eFuse, Key, ARcnt, off-chip storage]
  • 28. A Brief of AndeSentry™
  • 29. AndeSentry™
      • An Open Framework: Threat mitigation: from cyber attacks to physical attacks
          – Flexible
              • Selectable components for different kind of requirements
              • Robustness driven, power driven, cost driven, and so on
          – Scalable
              • Systems built by single MCU, multi-core, or even sub-systems.
          – Trustable
              • Andes with over 15-year experience in the processor industry
              • Partners: strong domain know-how, and rich experience in the certification
  • 30. AndeSentry™ Security Framework (AndeSentry™ Security Solution)
      • Trusted Execution Environment: Secure boot, Security monitor, Root-of-Trust, Secure Interruption
      • Physical Attack Mitigation: Side-channel mitigation, Fault-injection protection, Secure debugger, Secure storage, Security element
      • Runtime Protection: Stack under/overflow protection, ROP protection, Code modification protection, Control flow hijack protection
      • Crypto Acceleration: Hardware crypto engine, Crypto-efficiency ISA, Security element
  • 31. AndeSentry™ Components
      • [Diagram labels: HW, SW; M-mode, U-mode and/or S-mode; PMP, TRNG, Root-of-Trust, Security element, Crypto-efficiency ISA, Crypto engine, Secure debug, IOPMP, Secure Storages (off-chip, on-chip), Crypto Library, Security Monitor, REE OS, TEE OS, REE Apps, TEE Apps]
      • CRTL flow hijack protection, Code protection, ROT protection, Fault injection protection, Stack protection, and many more...
  • 32. Andes Security Partners and Ecosystem
  • 33. THANK YOU
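
The MID match of slide 17 and the set-and-lock, highest-priority-first rules of slides 25 and 26, as an added C model (not Andes code and not part of the presentation). Only MID.h/MID.l, ordered checking and the MID=0 bypass come from the slides; the region, permission and lock fields, the deny-on-partial-overlap and default-deny behaviour, and every address and MID in the table are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

enum { PERM_R = 1, PERM_W = 2 };

/* Software model of one IOPMP entry. MID.h and MID.l follow slide 17; the
 * region, permission and lock fields are assumed layouts for this example. */
struct iopmp_entry {
    uint16_t mid_h;   /* MID.h[9:0]: binary-encoded upper 10 bits of the MID */
    uint16_t mid_l;   /* MID.l[15:0]: bitmap, bit i covers MID[3:0] == i */
    uint64_t base;    /* assumed: first byte of the region */
    uint64_t size;    /* assumed: region length in bytes */
    uint8_t  perm;    /* assumed: PERM_R | PERM_W granted to matching MIDs */
    bool     locked;  /* assumed: set during secure boot, blocks rewrites */
};

/* (MID[13:4] == MID.h) && MID.l[MID[3:0]]: one entry names up to 16 MIDs. */
bool entry_contains_mid(const struct iopmp_entry *e, uint16_t mid)
{
    mid &= 0x3FFF;                                   /* an MID is 14 bits */
    bool upper_equal = (mid >> 4) == (e->mid_h & 0x3FF);
    bool lower_in_bitmap = (e->mid_l >> (mid & 0xF)) & 1u;
    return upper_equal && lower_in_bitmap;
}

/* Ordered check: the lowest-index entry that names the MID and touches any
 * byte of the access decides. An access only partly inside that entry is
 * denied (assumed), so it cannot fall through to a weaker, later rule.
 * MID 0 already passed a regulated checker and is not checked again. */
bool iopmp_allows(const struct iopmp_entry *tbl, size_t n, uint16_t mid,
                  uint64_t addr, uint64_t len, uint8_t want)
{
    if (mid == 0) return true;
    if (len == 0 || addr + len < addr) return false;  /* empty or wrapping */
    for (size_t i = 0; i < n; i++) {
        const struct iopmp_entry *e = &tbl[i];
        uint64_t end = e->base + e->size;
        bool overlaps  = addr < end && e->base < addr + len;
        bool contained = addr >= e->base && addr + len <= end;
        if (!overlaps || !entry_contains_mid(e, mid))
            continue;
        return contained && (e->perm & want) == want;
    }
    return false;                                     /* assumed default: deny */
}

/* Rewrite an entry unless an earlier boot stage locked it. */
bool iopmp_set_entry(struct iopmp_entry *tbl, size_t idx, struct iopmp_entry val)
{
    if (tbl[idx].locked)
        return false;
    tbl[idx] = val;
    return true;
}

/* Constructed table: entry 0 is the locked "key buffer: no access" rule for
 * MIDs 1..15, entry 1 a DMA buffer for MIDs 3 and 5, entry 2 a broad
 * read-only window for MID 3 that overlaps the key buffer. */
struct iopmp_entry demo_tbl[3] = {
    { 0x000, 0xFFFE, 0x10000000u, 0x100,  0,               true  },
    { 0x000, 0x0028, 0x80000000u, 0x1000, PERM_R | PERM_W, false },
    { 0x000, 0x0008, 0x10000000u, 0x1000, PERM_R,          false },
};
```

Because entry 0 sits first and is locked, the broad window in entry 2 cannot expose the key buffer to MID 3, and a later stage cannot replace entry 0 with a permissive rule.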