skip to Main Content

Hex Five Announces General Availability of MultiZone™ Security – the First Trusted Execution Environment for RISC-V

Enabling developers to implement best practices of security through separation without any changes to hardware or software.

Hex Five Security, today announces general availability of MultiZone™ Security – the first Trusted Execution Environment (TEE) for RISC-V providing developers with a critical building block of hardware enforced, policy-based security through separation without the need for any hardware changes.

Hex Five’s patent pending MultiZone™ Security provides developers with a solution that abstracts the complexities of RISC-V security and, unlike legacy trusted zone implementations enables an unlimited number of equally secure Zones – not just secure and non-secure.  The developer is provided with full control over data, code and peripheral access in each Zone. Communication between Zones is facilitated with an InterZone™ Secure Messenger service which enables message passing between Zones with no shared memory making MultiZone™ Security immune to common attacks such as stack overflow and heap spray.

“Hex Five is excited to bring MultiZone Security to the RISC-V community.” said Cesare Garlati, CEO and co-founder of Hex-Five.  “Legacy security implementations are often so complex they fail to get properly implemented, with MultiZone™ Security we allow developers to implement best security practices without forcing them to become security experts or impacting their time to market.”

Hex Five’s MultiZone™ Configurator takes fully compiled and linked customer code and merges it with Hex Five’s nanoKernel and cusomizable Zone policy configurations to enable rapid adoption without the need for any changes to hardware or customer code blocks.  The nanoKernel is fully written in assembly language, formally verifiable and has no external dependencies making it small enough to fit in a systems boot rom.

“There is a clear market need for Hex Five’s MultiZone Security.” said Art Swift, Vice-Chair, Marketing Committee, at RISC-V Foundation.  “Security by separation is a key best practice in the security world, but having just a secure and non-secure zone is not enough. Enabling multiple secure zones without requiring special hardware or deep integration with user code is a breakthrough.”

MultiZone™ Security is available under a commercial license by contacting Hex-Five through their website at

About Hex Five Security

Hex Five Security is a security company providing MultiZone™ Security the first Trusted Execution Environment (TEE) for RISC-V.  MultiZone™ Security is deployed as a hardware enforced, software enabled, formally verifiable nanoKernel which requires no changes to existing system software or hardware.

Relying on decades of developed best practices for embedded security through separation, MultiZone™ Security enables an unlimited number of equally secure domains, each of which has fully configurable access to memory, i/o and user mode interrupts.

Hex-Five is headquartered in Redwood City, CA and supports secure RISC-V implementations globally.


Don Barnetson
Hex-Five Security
(408) 666-4932

Back To Top