Cesare Garlati & Boran Car, August 28, 2019
System Design – Many Trusted Environments
Previous approaches to securing IoT devices are based on the use of complex hardware mechanisms or container virtualization. With Trusted Execution Environments (TEE), on the other hand, it is easy to securely isolate different parts of the system…
(Article in German)
Providing Ada Developers with a Robust Execution Environment for RISC-V Processors.
NEW YORK and REDWOOD SHORES, Calif., May 28, 2019 (GLOBE NEWSWIRE) — Hex Five Security Inc., creator of MultiZone™, the first trusted execution environment for RISC-V, today joined AdaCore’s Partner Program to enable the secure execution of Ada applications on RISC-V processors. As part of the initiative, Hex Five has developed an Ada version of the MultiZone™ SDK and published a reference application showing how to securely run Ada software in MultiZone™ containers. This deployment scenario is especially useful in safety-critical domains, such as transportation, defense, and aerospace. With MultiZone™ Security, developers can rapidly configure open source libraries, third-party binaries, and legacy code to coexist with Ada applications, thus achieving unprecedented levels of safety and security.
Chris Wiltz Apr 18, 2019
Hex Five Security
San Jose’s Hex Five is the creator of MultiZone Security, what it calls the first trusted execution environment for RISC-V. MultiZone requires no additional hardware, dedicated cores, or programming models, and allows for policy-based, hardware-enforced separation for an unlimited number of security domains, with full control over data, code, interrupts, and peripherals. And since it’s open source, like RISC-V, engineers can also implement open course libraries, third-party binaries, and even old legacy code into MultiZone as well. Hex Five also maintains an open source repository for MultiZone on GitHub.
In February 2019, as part of a partnership with cryptography company wolfSSL, Hex Five released an industry-first secure Internet of Things (IoT) stack for RISC-V. The stack is designed to be implemented with FreeRTOS and to handle the security risks inherent in the embedded operating system.
MultiZone allows engineers to isolate the firmware into an unlimited number of separate zones, essentially walling them off from one another in terms of security. According to Hex Five, the result of this is preventing shared memory attacks and other exploits from spreading throughout the system. Any exploit is confined into the zone in which it happens.
wolfSSL and Hex-Five Security Bring Secure IoT Stack for RISC-V
wolfSSL, a provider of TLS cryptography, and Hex-Five Security, developer of MultiZone Security, have partnered to bring what’s claimed as an industry-first secure IoT stack for RISC-V. The move brings a TLS 1.3 reference application of FreeRTOS with hardware-enforced separation between OS, TCP/IP, and Roots of Trust (RoT). Hex-Five Security’s MultiZone Security compartmentalizes the monolithic firmware into an unlimited amount of physically isolated zones, which prevents attacks to the system from propagating to the rest of the platform and compromising the security layers.
wolfSSL’s TLS 1.3 library offers more robust security and increased speed, featuring wolfCrypt encryption, which supports FIPS 140-2 encryption that’s certified by the government and meets NIST (National Institute of Standards and Technology) standards. The stunnel TLS proxy is also supported, which allows already existing servers and clients to establish two-year connections without needing to change source-code programming. It’s useful for securing email exchange, remote shell, and web-hosting connections. The MultiZone Secure IoT Stack is now available for anyone on Hex Five Technology’s GitHub page.
Based on the instruction set architecture RISC-V from the University of Berkeley, processor cores are now being developed as IP and SoCs. Cesare Garlati, founder Hex Five Security and chief security strategist at prpl Foundation, follows the development closely.
San Jose, CA – Feb 25, 2019 /PRWeb/ – wolfSSL, a leading provider of TLS cryptography and Hex Five Security, provider of MultiZone™ Security, the first Trusted Execution Environment for RISC-V announce general availability of the industry-first secure IoT stack for RISC-V – a TLS 1.3 reference implementation of freeRTOS with hardware-enforced separation between OS, TCP/IP stack and root of trust.
Hex Five is excited to collaborate with Dr. Sandro Pinto on the first Secure IoT Stack for RISC-V which will be
presented at Embedded World in Nuremburg, Germany on Feb 26-27, 2019. This demonstration will detailed
in sessions on Feb 26 and 27th and will be on display at the wolfSSL booth, Hall 4 / Booth 421.
Germany on Feb 26-27. https://www.embedded-world.eu/program.html
SAN JOSE, Calif., Nov. 9, 2018 /PRNewswire/ — Hex Five Security, Inc., the creator of MultiZone™ Security, Andes Technology Corporation and GOWIN Semiconductor Corp announce a collaboration to enable MultiZoneTM Security, the first Trusted Execution Environment for RISC-V on the Andes N(X)25 RISC-V Cores, which is part of 25-series, with the GOWIN GW-2A Family of FPGAs.
Redwood Shores, CA – Nov 1, 2018 /PRNewswire/ – Hex Five Security, Inc, the creator of MultiZone™ Security, the first trusted execution environment for RISC-V, today announced the formation of the Hex Five Strategic Advisory Board, an esteemed group of technical and business leaders chosen to counsel the company on achieving its goal of making RISC-V the most secure processor platform.
Andes RISC-V CON Debuts at Hyatt Regency Santa Clara November 13; Linley Group, MediaTek, Andes, Faraday, GOWIN, Imperas Software, Hex Five, and XtremeEDA to Detail RISC-V Technology Advance
Oct 31, 2018
Andes and GOWIN providing attendees 100+ RISC-V SDK Boards; Conference Presentations Will Describe RISC-V Program Development and Debug
San Jose, California, Oct. 31, 2018 (GLOBE NEWSWIRE) — Andes Technology Corporation, a leading supplier of small gate count, low-power and high performance 32/64-bit embedded CPU cores today announced the debut of RISC-V CON on Tuesday November 13, at the Hyatt Regency Santa Clara.
Arms race: SiFive, Hex Five build code safe houses for RISC-V chips
Sept 10, 2018
Those developing custom CPUs can now tap a TrustZone-ish trusted execution environment
If you’ve been looking at SiFive’s RISC-V-based chip technology and thinking, y’know what, it’s missing an Arm TrustZone-style element to run sensitive code, well, here’s some good news.
And if you’re just into processor design and checking out alternatives to Arm CPU cores, then this may be some interesting news.
SiFive helps organizations turn semiconductor designs based on the open-source RISC-V instruction set architecture (ISA) into chips. On Monday, it announced it has integrated Hex Five Security’s MultiZone Security trusted execution environment (TEE) into its Freedom SDK.
Hex-Five Adds MultiZone™ Security Trusted Execution Environment to SiFive DesignShare Program
Sept 10, 2018
Enabling RISC-V Developers to a Robust Trusted Execution Environment without any changes to hardware or software.
SAN MATEO, Calif. – September 10, 2018 – SiFive, the leading provider of commercial RISC-V processor IP, today welcomed Hex Five Security, maker of MultiZone™ Security – the first Trusted Execution Environment (TEE) for RISC-V, to the growing SiFive Software Ecosystem. Through the partnership, SiFive will incorporate MultiZone™ Security into its Freedom SDK for easy adoption by SiFive customers seeking a Trusted Execution Environment.
Hex-Five Announces General Availability of MultiZone™ Security – the First Trusted Execution Environment for RISC-V
Sept 5, 2018
Enabling developers to implement best practices of security through separation without any changes to hardware or software.
REDWOOD CITY, Calif. – Sept 5, 2018 – Hex-Five Security, today announces general availability of MultiZone™ Security – the first Trusted Execution Environment (TEE) for RISC-V providing developers with a critical building block of hardware enforced, policy-based security through separation without the need for any hardware changes.