RISC-V Foundation Announces Security Standing Committee, Calls Industry To Join In Efforts

Growing Security Standing Committee Features 25 Member Organizations Collaborating to Secure the Future of Computing

The RISC-V Foundation, a non-profit corporation controlled by its members to drive forward the adoption and implementation of the free and open RISC-V instruction set architecture (ISA), today announced the formation of the Security Standing Committee to bring together industry leaders to share findings, develop consensus around best security practices and identify potential security improvements for RISC-V based Internet of Things (IoT) devices, embedded systems, and machine learning implementations. The Committee includes 25 RISC-V Foundation members, including Berkeley Architecture Group, Bluespec, CSIRO’s Data61, Dover, Draper, Esperanto Technologies, Indian Institute of Technology (IIT) Madras, Intrinsic ID, Galois, Hex Five Security, Microsemi, Micron Technology, NXP, Rambus, SecureRF Corporation, SiFive and Western Digital.


Numerous RISC-V member organizations have already introduced security solutions such as Dover Microsystems CoreGuard and SecureRF WalnutDSA. The Security Standing Committee, chaired by Rambus, has already contributed a draft specification for cryptographic extensions to the RISC-V ISA and a proposed approach to trusted execution environments for deeply embedded RISC-V devices. In addition, the ongoing collaborative work in other technical working groups on specifications for the RISC-V privileged architecture, vector extensions and instruction set compliance demonstrates the high degree of industry interest and cooperation in security.


“As the number of connected devices grows exponentially and new security vulnerabilities like Meltdown and Spectre emerge, it’s become increasingly important to develop more robust security approaches. The RISC-V community has the historic opportunity to leverage a new platform for security innovation, leveraging the latest knowledge and contributions from leading industry and academic experts that comprise the expansive RISC-V ecosystem,” said Rick O’Connor, executive director of the non-profit RISC-V Foundation. “The RISC-V Foundation’s Security Standing Committee is a declaration and call to action for industry leaders, universities and government organizations to join the Foundation and work with us to build a more secure world for the benefit of everyone.”


Participants of the Committee will develop consensus around best security practices for IoT devices, embedded systems, and other key areas of computing, and will collaborate with the RISC-V Foundation’s other committees and tasks groups to tackle specific areas to improve the security of the RISC-V ISA. The Security Standing Committee will also work to promote RISC-V as an ideal vehicle for innovation for the security community. Unlike closed processor architectures the free and open RISC-V ISA enables anyone to inspect and analyze the architecture to assess the security of the ISA. In addition to the security advantages of its open approach, the simplicity of the RISC-V ISA provides a smaller attack surface which helps to minimize vulnerabilities.


“Security is one of the fundamental issues in our connected world. The RISC-V community is committed to pushing the industry forward through innovative approaches and new thinking to address existing and emerging threats,” said Dr. Helena Handschuh, Chair of the RISC-V Foundation Security Standing Committee and Fellow at Rambus. “Through open standard collaboration, the Security Standing Committee is fostering the growth of the RISC-V ISA to ensure it meets and exceeds the dynamic security demands of this new era of innovation.”


To further the development of even stronger security measures for RISC-V, the Security Standing Committee has split the existing security task group into two separate task groups: Trusted Execution Environment for Microcontroller-Class Processors and Cryptography Extensions. The Trusted Execution Environment for Microcontroller-Class Processors group will continue to develop a specification that serves as extension of privilege specification, supporting trust execution environments on embedded RISC-V processors. The Cryptography Extensions group will build on their early proposals for ISA extensions for the standardized and secure execution of popular cryptography algorithms.


“It is an exciting time to witness the advent of a new compute platform that has formal methods at its foundation for processor correctness and security,” said Dr. Joseph Kiniry, Vice-Chair of the RISC-V Foundation Security Standing Committee and Principal Scientist at Galois. “RISC-V is a simple, free and open ISA that is an ideal vehicle for research in formally assured security and secure hardware development for everything from consumer devices to national security applications.”


To learn more about the free and open RISC-V ISA, please visit: https://riscv.org.

To join the RISC-V Foundation and the Security Standing Committee, please contact info@riscv.org.


About RISC-V Foundation

RISC-V (pronounced “risk-five”) is a free and open ISA enabling a new era of processor innovation through open standard collaboration. Founded in 2015, the RISC-V Foundation comprises more than 100 member organizations building the first open, collaborative community of software and hardware innovators powering innovation at the edge forward. Born in academia and research, RISC-V ISA delivers a new level of free, extensible software and hardware freedom on architecture, paving the way for the next 50 years of computing design and innovation.

The RISC-V Foundation, a non-profit corporation controlled by its members, directs the future development and drives the adoption of the RISC-V ISA. Members of the RISC-V Foundation have access to and participate in the development of the RISC-V ISA specifications and related HW / SW ecosystem.