wolfSSL and Hex Five Security joined forces to release the industry’s first universally accessible secure IoT stack for RISC-V – integrating a TLS 1.3 reference of freeRTOS with hardware-enforced separation between OS, TCP/IP stack and root of trust.
Considering FreeRTOS has become the most prominent real-time operating system in the industry, it is still vulnerable to many security issues found in its connectivity stack that expose the risks essential in monolithic system designs. This separation deficiency between individual functional blocks exploits the vulnerable area and exposes the entire system to attacks.
The MultiZone Security Trusted Execution Environment separates the monolithic firmware into an infinite number of physically isolated zones, thus inhibiting shared memory attacks, privilege escalation and lateral movement. This isolates any zone vulnerability to one area and doesn’t transmit to the rest of the system.
“Security through separation is a fundamental building block of a secure system – however, legacy Trusted Execution Environments have only enabled one barrier which does not support the complexity of a modern IoT device,” said wolfSSL’s CTO and co-founder, Todd Ouska. “MultiZone Security on RISC-V enables an unlimited number of secure zones, providing the flexibility for a proper security implementation.”
“wolfSSL’s TLS 1.3 library is broadly recognized as the gold standard for crypto performance and code size,” added Hex Five Security’s co-founder, Don Barnetson. “We’re excited to partner with wolfSSL to bring their capabilities to the broad RISC-V community and provide the first secure IoT stack implementation for RISCV.”