riscv-non-isa/server-soc

review comments - security (0.1)

sfu5 opened this issue · 4 comments

sfu5 commented

There is no requirement about a security RoT in the v0.1 spec. Recommend adding:

  • To support secure (verified) boot, the SoC must contain immutable boot code (e.g. ROM, OTP) as the RoT for verification.
  • The SoC should provide the capability for immutable security parameter provisioning, such as the public key for secure boot verification, and possibly a private key for confidential data decryption.
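The two requirements above describe a verified-boot chain: a boot ROM that cannot be modified verifies the next stage against a public key that was burned once into OTP and can never be rewritten. The following simulation is an added example, not code from this issue, from the server-soc repository or from the RISC-V security model. The `OTP`, `ROMVerify`, `SignImage` and `Tamper` names, the write-once fuse model and the Ed25519-over-SHA-256 signing scheme are all assumptions chosen for illustration; a real SoC would use its own fuse controller and signature algorithm.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// OTP models a one-time-programmable fuse bank holding the root public key.
// It accepts exactly one write and is immutable afterwards, which is the
// property the provisioning requirement asks for. This is a constructed
// model for illustration, not a real fuse-controller interface.
type OTP struct {
	pubKey  ed25519.PublicKey
	written bool
}

var (
	ErrOTPLocked      = errors.New("otp: already provisioned, further writes are rejected")
	ErrNotProvisioned = errors.New("rom: no root public key provisioned")
	ErrBadSignature   = errors.New("rom: image signature does not verify against the root key")
)

// Provision burns the root public key. A second call fails, so a key
// supplied later (for example by malicious firmware) cannot displace the
// one written at manufacturing time.
func (o *OTP) Provision(pk ed25519.PublicKey) error {
	if o.written {
		return ErrOTPLocked
	}
	o.pubKey = append(ed25519.PublicKey(nil), pk...) // copy so the caller cannot alias it
	o.written = true
	return nil
}

// Image is a second-stage boot image: a payload plus a signature over
// SHA-256(payload). Hashing first keeps the ROM's signature check
// independent of the image size.
type Image struct {
	Payload   []byte
	Signature []byte
}

// NewKeyPair generates the signing key pair; only the public half goes
// into OTP, the private half stays in the firmware signing environment.
func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// SignImage is what the firmware build pipeline does with the private key.
func SignImage(priv ed25519.PrivateKey, payload []byte) Image {
	d := sha256.Sum256(payload)
	return Image{Payload: append([]byte(nil), payload...), Signature: ed25519.Sign(priv, d[:])}
}

// ROMVerify is the check the immutable boot ROM performs before handing
// control to the next stage. It trusts only the key in OTP.
func ROMVerify(otp *OTP, img Image) error {
	if !otp.written {
		return ErrNotProvisioned
	}
	d := sha256.Sum256(img.Payload)
	if !ed25519.Verify(otp.pubKey, d[:], img.Signature) {
		return ErrBadSignature
	}
	return nil
}

// Tamper returns a copy of img with one payload byte flipped, modelling an
// image that was altered after signing (e.g. corrupted in flash).
func Tamper(img Image) Image {
	p := append([]byte(nil), img.Payload...)
	if len(p) > 0 {
		p[0] ^= 0x01
	}
	return Image{Payload: p, Signature: img.Signature}
}

func main() {
	pub, priv, err := NewKeyPair()
	if err != nil {
		panic(err)
	}
	otp := &OTP{}
	fmt.Println("provision root key:", otp.Provision(pub))
	img := SignImage(priv, []byte("constructed stage-2 firmware image"))
	fmt.Println("genuine image:      ", ROMVerify(otp, img))
	fmt.Println("tampered image:     ", ROMVerify(otp, Tamper(img)))
	rogue, _, _ := NewKeyPair()
	fmt.Println("re-provision attempt:", otp.Provision(rogue))
}
```

The two failure modes worth noticing are the ones the issue's bullets exist to prevent: without a provisioned key the ROM refuses to boot at all rather than falling back to an unverified path, and once a key is burned a second `Provision` call is rejected, so the trust anchor cannot be swapped for one that signs attacker-controlled images.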

Thank you. This was omitted due to the requirements being covered by the RISC-V security model. The security model provides recipes for various security use cases. I think the security section of the Server SoC specification can be improved with a more explicit reference to the security model but avoid redundancy by repeating the requirements. I will propose an update in a PR shortly.

sfu5 commented

> Thank you. This was omitted due to the requirements being covered by the RISC-V security model. The security model provides recipes for various security use cases. I think the security section of the Server SoC specification can be improved with a more explicit reference to the security model but avoid redundancy by repeating the requirements. I will propose an update in a PR shortly.

It's good to reference the existing security model spec to avoid redundancy, but it's better to explicitly mention that and list which security requirements should be implemented for a Server SoC, or all of those in the security model.

@sfu5 thanks. I have provided cross-references to the security model in SEC_005 through SEC_007 in this commit.

Please reopen if there is further feedback.