RISC-V Needs Secure 'Wheels': the MCU Initiator-Side Perspective

TL;DR

This paper critically examines RISC-V's current limitations for automotive security, especially in virtualized MCUs, and proposes ISA extensions and a roadmap for a secure, open-source automotive computing platform aligned with ISO21434.

Contribution

It identifies RISC-V's security gaps for automotive MCUs and proposes specific ISA extensions and a development roadmap for secure, virtualized automotive computing systems.

Findings

Identifies RISC-V limitations for automotive security.

Proposes ISA extensions for initiator-side protection.

Outlines a roadmap for an open-source secure automotive platform.

Abstract

The automotive industry is experiencing a massive paradigm shift. Cars are becoming increasingly autonomous, connected, and computerized. Modern electrical/electronic (E/E) architectures are pushing for an unforeseen functionality integration density, resulting in physically separate Electronic Control Units (ECUs) becoming virtualized and mapped to logical partitions within a single physical microcontroller (MCU). While functional safety (FuSa) has been pivotal for vehicle certification for decades, the increasing connectivity and advances have opened the door for a number of car hacks and attacks. This development drives (cyber-)security requirements in cars, and has paved the way for the release of the new security certification standard ISO21434. RISC-V has great potential to transform automotive computing systems, but we argue that current ISA/extensions are not ready yet. This paper provides our critical perspective on the existing RISC-V limitations, particularly on the upcoming WorldGuard technology, to address virtualized MCU requirements in line with foreseen automotive applications and ISO21434 directives. We then present our proposal for the required ISA extensions to address such limitations, mainly targeting initiator-side protection. Finally, we explain our roadmap towards a full open-source proof-of-concept (PoC), which includes extending QEMU, an open-source RISC-V core, and building a complete software stack.