The Challenges of Open-Source Architecture and Security Issues
Imagine a future in which your smartphone is 30% cheaper than today, your connected vehicle benefits from tailor-made protections for autonomous driving and the cloud servers storing your medical data guarantee a high level of confidentiality.
That is what is promised by RISC-V (reduced instruction set computing architecture), a completely open-source and customizable computing architecture that is shaking up the rules of the processor industry.
What is needed now is further raising awareness of the security potential of TEE technologies and confidential computing, which remains largely untapped despite its widespread take-up among hyperscalers.
Costs are drastically reduced as the ecosystem is open-source: This architecture does not require expensive licenses, unlike the ARM ecosystem or platforms dominated by Intel and AMD. This approach is also more economical in terms of the required silicon surface area, given that RISC-V is specifically designed for optimization, meaning that non-essential functions do not need to be installed via hardware.
This open-source nature also raises a crucial challenge: How can we guarantee enhanced security within such a flexible ecosystem?
Despite the protection mechanisms established over the years for RISC-V platforms, security remains a major challenge and still needs to be improved. As yet, no architecture able to balance performance, adaptability, security and compatibility with existing platforms has been successful.
Disruptive response elements are being explored in Orange Research’s work on security based around (trusted execution environment) technologies. Jump on board to discover security “on demand”…
RISC-V, a New Hope
RISC-V is a universal open-source interface between hardware and software architecture. It allows highly adaptable systems to be designed, and their operation optimized, independently of implementation and modularly, by defining specialized extensions. RISC-V has a wide dynamic ecosystem and many applications, from IoT mobile devices (connected vehicles and satellites) to cloud and high-performance computing.
To summarize, RISC-V is a system that is:
- Completely open source: no expensive licenses, no industrial property.
- Modular: each manufacturer can adapt it to their specific needs.
- Universal: from the simplest connected objects to supercomputers.
In view of the rising level of threats, in particular concerning embedded systems, security is required to ensure safe and private execution in an exposed environment and manage trust by providing and verifying provable security for applications hosted in these infrastructures. RISC-V architecture defines initial security mechanisms, including user (U) privilege levels for applications, supervisor (S) privilege levels for the OS, and machine (M) privilege levels for the hardware platform, as well as a basic mechanism at hardware level for memory isolation, known as Physical Memory Protection (PMP) to control access to physical memory regions.
Additional protections have been proposed in the areas of physical security, security of execution environments, memory protection (capability-based systems and information flow control systems), extensions for cryptography, in particular post-quantum extensions and extensions to mitigate side-channel attacks (e.g. Spectre, Meltdown).
However, RISC-V security remains largely unexplored because it has yet to find solutions able to balance security, performance and adaptability, and it faces significant constraints imposed by the embedded platforms.
Software Threats Strike Back

Figure 1 — TEEs: Principle and Properties
Traditional isolation techniques based on a trusted OS, using memory management unit (MMU) mechanisms to create address spaces or memory protection unit (MPU) mechanisms, are ineffective in an embedded context when the environment is too constrained or too hostile.
We must then turn to TEEs, “digital bunkers” (also known as secure ). The TEE creates ultra-secure areas directly within the processor, protecting the most sensitive data, even if a hacker were to take control of a large part of the system. The principle: no longer trusting the operating system, as they are too complex and vulnerable, but instead implementing security on the hardware itself to guard against software threats.
The benefits of TEEs are as follows:
- Ultra-secure areas within the processor: A TEE protects sensitive data even in case of hacking.
- Hardware security: A TEE is implemented directly within the hardware, without relying on the software.
- Operating system independence: A TEE does not rely on a vulnerable operating system.
- Enhanced protection: A TEE guarantees the confidentiality and integrity of critical data in various fields (automotive, healthcare, cloud, IoT etc.).
TEEs are the cornerstone of confidential computing, which is deployed at operational level by most cloud service providers, such as Amazon Web Services, Microsoft Azure or Google Cloud. This security model protects sensitive data during use. It offers many security guarantees (see Figure 1) such as strong code and data isolation (confidentiality and integrity) and attestation, proof of good behavior, which can be verified locally or remotely and are valuable for ensuring regulatory compliance.

Figure 2 — Timeline of TEE Technologies
Several waves of TEE technologies have been developed over the years (see Figure 2), from the Trusted Platform Module (TPM) and the first TEEs (Intel SGX, AMD SEV and ARM TrustZone), a second more mature wave (Intel TDX, AMD SNP and AWS Nitro Enclaves) to the latest developments (ARM CCA and TEEs on GPUs with the rise of AI use cases).
Their use cases include cloud security, distributed environments, AI and embedded systems. We assume that with these technologies, cars will benefit from secure vehicle-to-vehicle communications and enhanced protections for autonomous driving. Artificial intelligence will enable deploying confidential computing that protects training models and data, even in untrusted cloud environments. In the health area, it will be possible to securely share medical data between hospitals while complying with the regulatory requirements of the GDPR. Lastly, the IoT and Industry 4.0 will benefit from tamper-proof authentication and granular access control for critical infrastructures.
The Return of Security On Demand
A TEE architecture for a RISC-V system is a compromise between several requirements, such as security (including enclave entry/exit points, communication between enclaves and the system, and the memory page table), performance (e.g. response time during a domain change), low complexity (no duplication of data structures), scaling (number of enclaves, memory isolation and integrity protection), flexibility (fine-grained isolation, dynamic isolation and nested enclaves) and compatibility with existing systems (in particular the ability to secure execution without modifying the system).
The simplest solution is Keystone, a purely software-based solution that offers a high degree of flexibility and modularity. It consists of three components:
(1) a runtime environment in the TEE for executing applications;
(2) a driver in the host system to manage enclaves;
(3) a security monitor ensuring mutual protection between the host and the enclaves using the RISC-V PMP.
Other protection mechanisms can be added. Keystone, however, needs to grow in terms of industrial maturity.
Among the advanced solutions, one of the first approaches is exploring flexibility, as seen in TIMBER-V. This system is based on tagged memory, a technique that adds metadata to the areas to be protected to provide strong and flexible memory protection and limit memory fragmentation. The TIMBER-V architecture offers two levels of protection: (1) security domains, which are vertical based on the infrastructure layers and horizontal based on the untrusted/trusted systems (see Figure 3);
(2) process level isolation. The resulting protection has a high degree of flexibility and is granular and dynamic, but has high performance overheads of up to 25%.

Figure 3 — TIMBER-V Security Architecture
A second class of solutions is performance oriented. PENGLAI, for example, focuses on scaling in terms of memory isolation, integrity and latency for enclave execution, offering new security mechanisms. This results in fairly strong security, a significant degree of flexibility (mechanisms that can be activated on demand and scaled up) and very good performance results (1000 concurrent enclaves and 1000x speedup for startup time). However, this comes at the cost of a highly significant level of complexity, with some mechanisms duplicated across memory regions.
This fact was a driving force behind the SPEAR-V solution, aimed at reducing complexity. Their approach involves managing page tables at OS level without duplication and supporting nested enclaves to provide zero-trust protection between malicious enclaves and a vulnerable infrastructure. The resulting level of security is fairly strong, with unique memory mapping imposed at enclave level to prevent aliasing attacks. Nested enclaves enable highly fluid and secure memory sharing between the host system and the enclave or within a hierarchy of enclaves. All this comes with very good performance levels (1% overhead overall) without the need to modify the existing system, which significantly reduces costs.
SPEAR-V, the TEE Solution Currently Offering the Best Compromise
Orange researchers have explored the challenges of designing and implementing a TEE architecture in RISC-V systems to balance security and adaptability. These architectures and solutions are important points of reference for basic or advanced solutions, in terms of both flexibility and performance (see Figure 4).

Figure 4 — Comparison of the Main Solutions
Keystone is an interesting starting point, but it needs to mature. Among the advanced solutions, TIMBER-V appears to be highly flexible, but suffers from significant performance penalties. While PENGLAI scales well, this comes at the cost of a high degree of complexity. SPEAR-V offers the best balance between robust security, performance, flexibility, compatibility with existing systems and low complexity.
Research Challenges
The next step is to further raise awareness security potential of TEE technologies and confidential computing, which remains largely untapped for the time being, despite its widespread take-up among hyperscalers.
In addition, there remain many avenues to explore in relation to security for TEE-based RISC-V architectures. On the one hand, the exploration of fully adaptable architectures will bring closer the prospect of security systems that are truly on demand, with current approaches offering little flexibility. For example, there is promising work underway to explore on-demand TEE architectures, which combine FPGA and RISC-V platforms based on the security requirements. On the other hand, the fight against side-channel attacks remains an ongoing challenge. How can the many existing countermeasures be integrated? Lastly, the international rise of the RISC-V ecosystem, driven by an ever-wider community of stakeholders, raises fundamental strategic questions about the certification of platforms and their compatibility with technological sovereignty requirements.
Sources :
- Marc Lacoste. Trusted Execution Environments: A New Frontier in Telecoms Security.
- Dayeol Lee, David Kohlbrenner, Shweta Shinde, Krste Asanović and Dawn Song. Keystone: An Open Framework for Architecting Trusted Execution Environments. In: European Conference on Computer Systems (EUROSYS), 2020, pp. 1–16.
- Samuel Weiser, Mario Werner, Ferdinand Brasser, Maja Malenko, Stefan Mangard and Ahmad-Reza Sadeghi. TIMBER-V: Tag-Isolated Memory Bringing Fine-grained Enclaves to RISC-V. In: NDSS’19.
- Erhu Feng et al. Scalable Memory Protection in the PENGLAI Enclave. In: OSDI’21.
- David Schrammel et al. SPEAR-V: Secure and Practical Enclave Architecture for RISC-V. In: ACM Asia Conference on Computer and Communications Security (ASIA CCS), 2023, pp. 457–468.
- David Lie et al. Implementing an Untrusted Operating System on Trusted Hardware. In: SOSP’03.
Read more :
- Ghada Dessouky, Ahmad-Reza Sadeghi and Emmanuel Stapf. Enclave Computing on RISC-V: A Brighter Future for Security? International Workshop on Secure RISC-V Architecture Design Exploration (SECRISC-V), 2020.
- Tao Lu. A Survey on RISC-V Security: Hardware and Architecture, arXiv:2107.04175, 2021.
- Confidential Computing Consortium. A Technical Analysis of Confidential Computing v1.3. November 2022.
- Marc Lacoste and Vincent Lefebvre. Trusted Execution Environments for Telecoms: Strengths, Weaknesses, Opportunities, and Threats. In: IEEE Security & Privacy, vol. 21, no. 3, pp. 37–46, May–June 2023.
- Moritz Schneider et al. Composite Enclaves: Towards Disaggregated Trusted Execution. IACR Transactions on Cryptographic Hardware and Embedded Systems 2022 (1):630–656, 2021.
- Md Armanuzzaman, Ahmad-Reza Sadeghi and Ziming Zhao. Building Your Own Trusted Execution Environments Using FPGA.In: Asia CCS’24.
This architecture, known as instruction set architecture (ISA), is open-source and modular and is raising much interest thanks to the ability to define extensions to customize embedded systems. RISC-V is applicable to both IoT mobile devices and data centers. Its reconfigurable and open-source nature, thanks to its numerous scalability features, makes it a promising tool for supporting on-demand applications.
A trusted execution environment (TEE) allows user-specified code and data to be protected against modification by malicious components, software, hardware or systems outside the TEE’s boundaries.
Enclaves originally referred to the notion of a protected compartment through the use of a trusted execution environment (TEE) in the Intel Software Guard Extensions (SGX) architecture. Now, the term enclave is widely used interchangeably with TEE.







