Semiconductor Engineering Article: Security And Open-Source RISC-V Hardware

Semiconductor Engineering sat down with Helena Handschuh, a Rambus fellow; Richard Newell, senior principal product architect at Microsemi, a Microchip Company; and Joseph Kiniry, principal scientist at Galois. What follows are excerpts of that conversation.

Semiconductor Engineering: There has been a lot of discussion about the security advantages of RISC-V because there isn’t speculative execution or branch prediction, which were used in other proprietary designs to speed them up. Is that true?

Richard Newell: I’m very optimistic for the future. We dodged some bullets where RISC-V wasn’t susceptible to attacks like Spectre and Meltdown. But that doesn’t mean it isn’t susceptible to some other kinds of timing analysis attacks. There is a broad range. One of the things we’ve done in the RISC-V Foundation is to set up a security committee, which reports directly to the board of directors. Thankfully the board has seen fit to elevate security as the top concern. I have great hope we will be able to develop RISC-V chips without timing analysis vulnerabilities in the future. We have work to do. It will take a few years. But I’m pretty confident we’re going to get there. We’re going to be able to create much more secure chips in the future.


To read more, please visit: