The Future of Security is in Open Silicon

Explore the future of security in open silicon through this conference talk delivered by Joel Wittenauer from Rambus Security, Cryptography Research. Dive into the creation of a root of trust using the open-source Zephyr operating system on a RISC-V based security CPU to secure Linux. Discover how security features of the RISC-V processor and hardware security cores implement three internal privilege levels within the root of trust, creating a freely-programmable application sandbox for Linux services. Learn about the Zephyr OS implementation, internal architecture of the root of trust, functionality of privilege levels and hardware security cores, programming interfaces, and current Linux host integration. Gain insights into Rambus' approach to CPU/MPU security, crypto engines, key derivation cores, and the CMRT software architecture. Understand the roles of first-stage bootloader, security monitor, and supervisor OS in building and executing containers. Explore the rationale behind choosing Zephyr and engage in a dialogue about enhancing Linux security through open silicon solutions.

Intro
Rambus At a Glance
Spectre/Meltdown/Foreshadow
Use Cases
Some brief CMRT terminology
Agenda
CPU/MPU
Crypto Engines
Key Derivation Core
Other important cores
CMRT SW Architecture
First-stage Bootloader
Security Monitor
Supervisor OS/Keme
Building and executing containers
Why Zephyr?
Questions?