HDR Defense - May 22st, 2025

This Habilitation à Diriger des Recherches (HDR) manuscript discusses the design of secure microarchitectures, specifically focusing on RISC-V cores. The discussion is organized around two central questions.

The first question addresses how to design a security-conscious applicative out-of-order processor in 2025. The challenges posed by covert channels and transient attacks are explored. Immediately applicable solutions, such as timing fences, domes, and speculation barriers, are proposed to enhance security. However, designing such a secure core without significant performance trade-offs or radical modifications to the entire design process (including software source code, compilers, instruction-set architecture (ISA), and microarchitecture) remains challenging.

Thus, the second question reimagines the design of RISC-V cores from the ground up, exploring radical changes and their potential to improve security. The focus is on microcontroller cores that must be resilient to physical attacks. Key considerations include: how can an ISA be designed to accommodate registers containing confidential data? Should forward indirect jumps be prohibited to enhance control flow integrity? Why might lockstep processors be vulnerable against upcoming fault injection techniques, and how can they be replaced with cores offering cryptographic guarantees of integrity?

This manuscript provides an opportunity to discuss the design choices necessary for secure microarchitectures, choices that are not always based solely on technical merits. Improving the security of modern computing systems is a complex process, and by investigating the security of today's microarchitectures, future-proof designs can be advocated for.