A New RISC

Explore the security attributes of RISC-V, an open-source Instruction Set Architecture (ISA), in this 51-minute lecture from the Hack In The Box Security Conference. Delve into the architecture's design for 32, 64, and 128-bit systems, its layered privilege model, and its potential to secure embedded platforms. Examine attacks against RV32G and RV32C ABIs, with code examples demonstrating exploitation capabilities. Learn about the base RISC-V privilege model, various implementations like SiFive FE310G, and potential security enhancements such as tagged memory. Analyze possible vulnerabilities arising from common faults in errata, comparing issues in RISC-V to other RISC architectures. Consider the security implications of multi-bit-length architecture design, especially with the advent of 128-bit processors. Conclude with a historical perspective on computing architectures, their strengths and weaknesses, and recommendations for improving security in RISC-V implementations, particularly for the Internet of Things ecosystem.

Intro
Demo Time
What do I do Now?
Four Layers
Obvious Attack Model
Current Attack Model
Attack Implementation
Making it Clean
The Solution
The Death of ARM?
What is Tagging?
Limitations
Traditional Attacks
Solution?
Architecture Generics