Skip to main content
Blog

XuanTie Security System Promotes Rapid Migration of Security Applications from Arm to RISC-V | Vincent Cui, Alibaba Cloud

Recently at the RISC-V Summit China 2022 a new high-performance RISC-V-based chip platform named Wujian 600 and the TH1520 chip prototype was revealed. These products are compatible with the Linux-based operating system OpenAnolis and they can successfully run LibreOffice. 

TH1520 was developed utilizing the Wujian 600 SoC platform. It is an AI-powered multi-modal chip that features high performance and security. It can be used in a wide range of platforms such as financial payment, edge computing, and video conferencing. 

Secure payment is an example requiring both high-performance computing and security. The current facial-recognition payment devices utilize the Arm TrustZone solution where the security software ecosystem plays a leading role. In addition, the Arm TrustZone solution adopts the Trusted Execution Environment (TEE) security certification scheme that meets the GlobalPlatform standard. Therefore, the RISC-V-based TH1520 chip requires a complete set of security solutions to ensure security in face-recognition payment scenarios. 

The XuanTie security system adopts the T-Head Virtual Zone technology (click here for more information) to be highly compatible with the Arm software ecosystem, while choosing Linaro’s OP-TEE as the security system. The key lies in the implementation of three-layer security isolation in conjunction with the GlobalPlatform TEE standards on the RISC-V architecture. In addition to RISC-V’s native privilege mode we have extended the PMP security mechanism to ensure secure access to resources from CPUs. Moreover, we have added the IOPMP secure IP feature for extra layer of security from memory master devices equipped with the DMA access mechanism. 

To improve the real-time performance of the system we have extended security capabilities for PLIC and further distinguished secure from non-secure interrupts. Secure interrupts are directly distributed from the most privileged machine privilege mode to the security superuser state for handling. The non-secure interrupts are processed in the corresponding superuser state through the proxy agent. This further reduces the latency of interrupt processing. 

In addition, we have further standardized the GlobalPlatform functional conformance interface and expanded the cryptographic algorithm interface to support Chinese national cryptographic algorithms. We leverage hardware and software co-design to further improve system security. All these efforts make it easier for users to develop security applications.

We have built an overall security architecture for TH1520 to comply with the GlobalPlatform TEE standards. We use GlobalPlatform TEE Protection Profile as a standard to conduct security vulnerability analysis. In addition, we have made efforts from the perspectives of a hardware root of trust (RoT), cryptographic algorithm drivers, secure boot, and secure storage application to enhance security in an all-round manner, thereby achieving multi-layer system security. Last but not least, we have improved the security of system key management, from root keys to master keys and platform keys, and finally generated application keys based on application security requirements. This enables keys to be managed securely in all processes. 

We leverage the Mult-TEE security technology to divide the system into multiple security domains. The security domains can be security chips, e.g. SE and TPM or security systems. This design empowers users to select and develop security systems based on a more user-friendly manner. This also resolves the issue where Arm TrustZone technology can support only one domain, secure or non-secure. Furthermore, by using the privilege access and PMP security mechanism we have further strengthened the physical isolation between the security system and Trusted Firmware. This also resolves the issue that Arm TrustZone technology allows access from security systems to Secure Monitor security resources. 

At present, the XuanTie security system has completed the rapid migration of the security applications for facial-recognition payments from Arm to RISC-V. It is now compatible with the Arm software ecosystem. We will continue to promote its production in the facial-recognition payment field. The GlobalPlatform TEE security certification is also advancing rapidly. We are hopeful that the XuanTie security system will be the first RISC-V-based security platform in the world that meets the GlobalPlatform TEE security standard. The high security and scalability of RISC-V make us more determined to deploy the XuanTie security system in more security fields.