Until recently, security protection has focused on software stacks, which provide underlying protection such as a root of trust. The RISC-V Foundation focuses on the implementation of security platforms and mechanisms to prevent untrusted code from affecting the integrity of critical system functions. These security features are critical to verifying software updates.
Open-source hardware based on the RISC-V ISA provides an opportunity for a higher level of security review. At the same time, malicious proxy software can perform a detailed analysis of the design and discover low-level vulnerabilities.
To read more please visit https://www.eettaiwan.com/news/article/20190814NT31-Side-Channel-Attacks-on-Embedded-Processors. Please note that the original article is in Chinese.