IoT Security Blog

Articles and Posts on IoT Security, Embedded Systems, and the Internet of Things

Looking back at the 4th RISC-V Workshop; musings on the meaning of a new processor and Instruction Set Architecture, and security for IoT.

A main focus for us at SecureRF is the Internet of Things (IoT) and how to secure devices, data and communications at the edge of the IoT that rely on relatively low-power 8- and 16-bit processors. The availability of a lower-cost and efficient RISC processor for IoT devices offers new opportunities to design engineers they can get more bang for the buck. It also offers an intellectual challenge to these same designers the ability to influence the direction of the organization and open nature of the platform should spur innovation in devices and applications (both visible to end-users and not) as well as at ARM, which no doubt sees RISC-V as something of a threat.

The 4th RISC-V Workshop and the one coming up at Google point to the accelerating interest. The workshop at MIT was sold out and could have included more people in a larger venue. What we didn’t see were a lot of concrete things that would help predict the commercialization trajectory of RISC-V.

We expect innovation will come out of RISC-V, but much may be hidden from view. Consumer appliance companies are likely to adopt it, as well other hardware companies that see benefits of the architecture, instruction set, open source and royalty-free nature of RISC-V. Without more case studies made public, estimates of adoption may be difficult for some time.

A good capsule summary of presentations at the 4th Workshop can be found at

Our assessment of the utility of RISC-V, having viewed last three workshops and through our work with Codasip is that it is a worthy platform. RISC-V is open source, royalty-free, and offers an advanced instruction set. RISC-V was designed from ground up to be enhanced with custom instructions and hardware accelerators, a perfect scenario for high-performance cryptography like our WalnutDSAtm, which is what we demonstrated at the Workshop on a MicroSemi SmartFusion2 FPGA platform.

Moving from a software-only implementation to a software implementation with hardware acceleration we were able to reduce the math required to support our DSA signature verification algorithm from 24 instructions to one custom instruction. The ability to use a custom instruction to perform our calculations yielded a powerful performance enhancement. And it was simple. We completed our work using the Codasip tool in just a few days. The results of our benchmarking can be seen in our presentation co-developed with Codasip, RISC-V as a Basis for ASIP Design: A Quantum-Resistant IoT Security Implementation detailing the development of a RISC-V compliant processor, built with Codasip tools, that includes an IoT security application. You can download the presentation here.

The business value of the IoT market got some validation recently with the announcement by SoftBank of its planned acquisition of ARM. It’s helpful to many in the space, as it puts a hard dollar amount on a savvy investor’s estimation of future value of a company closely associated with IoT. It also places into relief the potential for disruption of this market from RISC-V, though with little hard adoption data to work with and a relatively young platform, we’re still looking at years to commercial and competitive relevance. That said, we’re committed to RISC-V and through our partner Codasip, can help you bring your FPGA-based designs to market with the highest level of security for low-compute platforms.

We have the only viable RISC-V security solution for low-resource IoT devices a digital signature verification function implemented on a Codasip Codix BK Core, and we can ship it today on the Codix BK Core. If you’re building an IoT device on RISC-V it would be worth evaluating our DSA for your application and processor environment.

Not ready to jump in the RISC-V pool? ARM remains a great partner for us, especially at the low end of its processor range. The two ARM cores we target, M0 and M3, are difficult if not impossible to truly secure with other solutions (ECC in particular is problematic). With such little room for instructions and limited compute and power resources, other means of security either don’t fit or perform unacceptably slowly for many applications.

Download RISC-V Presentation