

# Security assessment methodology for RISC-V cores

Apurba Karmarkar, Pablo Navarro-Torrero, Eros Camacho-Ruiz\*, Macarena C. Martínez-Rodríguez, Piedad Brox Instituto de Microelectrónica de Sevilla, IMSE-CNM, CSIC, US, Spain \*camacho@imse-cnm.csic.es

## **Context and Motivation**

- The Internet of Things (IoT) has become an integral part of daily life, from homes and workplaces to industrial systems, all of which rely on extensive data sharing.
- Many of these systems use **embedded processors** to perform the majority of tasks.
- In this context, **assessing the security** of these processors is critical to protecting against potential cyberattacks.

# Why RISC-V in Security ?



### What is a Side-Channel Attack?

A side-channel attack (SCA) is a method used to extract secret information from a system by observing its **physical behavior**.



Power consumption

**Electromagnetic emissions** 

#### Goals

- Define a **Methodology** that will facilitate the evaluation of the **Side Channel resistance** of RISC-V cores.
- Design an **experimental setup** to evaluate the Methodology.
- Test the methodology and the experimental setup using a specific use case.

# Methodology

| Requirements                                       |                                                     |                                                                                   |                                              |
|----------------------------------------------------|-----------------------------------------------------|-----------------------------------------------------------------------------------|----------------------------------------------|
| Independent on any kind of RISC-V core or compiled | Selection of the <b>platform test</b><br>(SAKURA-X) | Compilation of the<br><b>Program Under Test</b> on the<br>RISC-V Core (baremetal) | Run the <b>Analysis</b><br>(SPA, DPA or CPA) |
| program.                                           |                                                     |                                                                                   |                                              |
| Flag signal to indicate the                        | Implementation of a generic                         | Design of a <b>Flag hardware</b>                                                  |                                              |





**Evaluate** the results

### **Experimental Set-up**





This research was supported in part by the QUBIP Project with Grant Agreement No. 101119746 under the EU Horizon Europe research and innovation programme