RISC-V PMP architectural validation test suite strengthen security
A beta version of the ImperasDV test suite for PMP (physical memory protection) covers the full envelope of configuration options, said Imperas Software. The open standard ISA (Instruction Set Architecture) of RISC-V offers developers a wide range of standard extensions and options that support the design of an optimised processor while leveraging the ecosystem of compatibility.
The RISC-V Privileged Specification includes PMP as a fundamental approach to memory protection that is essential in security applications that depend on TEE (Trusted Execution Environments) such as Keystone, OpenTitan, and other leading techniques for security protection, confirms the company. Functional verification of PMP is essential for any RISC-V processor targeted at security applications.
RISC-V processor implementations for security applications use PMP as a way to ensure memory isolation between key security applications and other activities. The RISC-V PMP specification provides a flexible and comprehensive approach based on control registers for the parameterisation of modes to control the memory access, permissions and policy. By using control registers, the policy and operation can be configured in software using the available hardware resources. The PMP policy can be configured to control the initial processor boot process and is fundamental to many systems that rely on a TEE for security applications.
RISC-V processor functional verification needs to ensure the design behaves as expected. In the case of the PMP functionality, due to the wide range of possible configurations and implementations, the architectural validation test suite also needs to cover the vulnerabilities that arise from a design error that enable an unnecessary or unwanted option. Some processor developers undertake both the design and test phases of a project. Third party tests provide an independent interpretation of the specification and offers an additional safeguard. This is especially important when specification options selected for the target device are used to direct the test plan, since an unintended design error that includes an unnecessary and therefore untested feature could allow for a security vulnerability, Imperas explains.
Simon Davidmann, CEO at Imperas Software said: “Test suites have many useful qualities, perhaps the top two are coverage and specification completeness. The RISC-V PMP test requirements are significant given the complexity of the specification and security implications for any implementation errors. The Imperas mutating fault simulation technology ensures the test coverage, and the Imperas reference model covers the full envelope of the PMP specification, so when combined these produce a useful architectural validation test suite for any RISC-V processor targeted at security applications.”
The Imperas Physical Memory Protection (PMP) Architectural Validation test suites are available now to ImperasDV users as a beta release, with a full production release scheduled for Q2 2022.
The ImperasDV RISC-V processor verification technology is in active use with many leading customers, some of which have working silicon prototypes and are working on second generation designs. These customers, partners and users span the breadth of RISC-V adopters from open source to commercial, research to industrial and microcontrollers to high performance computing. Examples include Codasip, EM Microelectronics (Swatch), NSITEXE (Denso), Nvidia Networking (Mellanox), OpenHW Group, MIPS Technology, Seagate Technology, Silicon Labs and Valtrix Systems.
The free riscvOVPsimPlus package, including the Imperas RISC-V Reference Model, test suites and instruction coverage analysis, including updates for the latest RISC-V ratified specifications is also available on OVPworld at www.ovpworld.org/riscvOVPsimPlus.
Imperas provides RISC-V processor models, hardware design verification and virtual prototypes for software simulation. Imperas, along with Open Virtual Platforms (OVP), promotes open source model availability for a spectrum of processors, IP vendors, CPU architectures, system IP and reference platform models of processors and systems ranging from simple single core bare metal platforms to full heterogeneous multi-core systems booting SMP Linux.
