Evaluating Secure Enclave Firmware Development for Contemporary RISC-V Workstations

Author

Samuel D. Chadwick

Date of Award

3-2022

Document Type

Thesis

Degree Name

Master of Science

Department

Department of Electrical and Computer Engineering

First Advisor

Scott R. Graham, PhD

Abstract

The emergence of the open-source RISC-V ISA empowers developers and engineers, device manufactures, industry leaders, nation-states, adversaries and allies alike with the unique opportunity to re-evaluate existing Trusted Computing paradigms. Emerging open-source security mechanisms facilitate the proliferation of Confidential Computing principles. These technology standards aim to provide secure enclave computing as a fundamental computing attribute, inherent within the RISC-V ISA specification. Security enforcement within these enclaves are handled by performing computation in memory-isolated, hardware-based, software-defined TEEs. This research evaluates the firmware development procedures required to implement Keystone Enclave on new unsupported hardware. Expressly, this effort extends Keystone SM firmware components for use on the HiFive Unmatched development platform as a demonstration of Keystone Enclave's device portability claims. Furthermore, it proposes Keystone SDK and Eapp development recommendations to supplement contemporary ASIC RISC-V workstations with TEEs. Moreover, this research asserts that for the wide-spread adoption of Confidential Computing principles to occur, significant hardware, firmware, and software development advancements are required by all constituent parties.

AFIT Designator

AFIT-ENG-MS-22-M-017

DTIC Accession Number

AD1166832

Recommended Citation

Chadwick, Samuel D., "Evaluating Secure Enclave Firmware Development for Contemporary RISC-V Workstations" (2022). Theses and Dissertations. 5317.
https://scholar.afit.edu/etd/5317