Perhaps the United States will not need sanctions in order for the Middle Kingdom to abandon the popular standard.
A research team from Northwestern Polytechnic University (NPU) led by Professor Hu Wei discovered a serious security flaw in the design of processors based on the open RISC-V standard . The vulnerability identified poses a threat to the rapidly growing domestic microelectronics industry in China.
The discovered flaw allows attackers to bypass the defense mechanisms of modern processors and operating systems even without obtaining administrative privileges. This opens up opportunities for stealing confidential data and violating the privacy of users.
The discovery was made as part of a national program to investigate processor hardware vulnerabilities initiated by the Chinese government in 2021. In addition to NPU, Tsinghua University, the Institute of Microelectronics of the Chinese Academy of Sciences, and the National Computer Incident Response Center (CNCERT) participated in the project.
RISC-V is an open architecture for high-performance microchips and semiconductors. Unlike Intel and AMD's proprietary instructions, RISC-V provides free access and modifiability without restrictions. China sees it as the key to technological independence from Western sanctions in the field of microelectronics.
According to NPU, by the end of 2022, about 50 different models of domestic RISC-V processors were produced in China. They are used primarily in embedded systems, industrial automation, wireless networks, storage systems, and the Internet of Things. However, in the near future, it is expected to expand the use of RISC-V in more "demanding" areas — artificial intelligence, autonomous vehicles, telecommunications and data centers.
The vulnerability affects the open source code of SonicBOOM, which is the basis of many commercial developments of RISC-V chips in China. According to CNCERT, both standalone chips and integrated processor cores in large systems on a chip (SoC) are at risk.
This disadvantage requires increased attention from all manufacturers and market participants of processors based on RISC-V. Of particular concern are reports of possible US sanctions aimed at restricting China's access to RISC-V technologies due to concerns about the rapid transfer of critical know-how.
Such restrictions can affect not only Chinese companies, but also global technology giants with a consumer base in the Middle Kingdom.
An experienced team led by Professor Hu Wei specializes in designing secure hardware architecture, identifying vulnerabilities, and ensuring the security of cryptographic systems.
Processors with different architectures use different approaches to "translate" between the software and hardware layers to achieve maximum performance. Intel and AMD processors with the CISC (Complex Instruction Set Computer) architecture combine several instructions into one more complex one to process fewer instructions in one cycle. In turn, RISC-V follows the concept of RISC (Reduced Instruction Set Computer) and breaks down commands into simpler operations to speed up their execution. This fundamental difference was the reason for the discovered gap in the open source RISC-V code.
A research team from Northwestern Polytechnic University (NPU) led by Professor Hu Wei discovered a serious security flaw in the design of processors based on the open RISC-V standard . The vulnerability identified poses a threat to the rapidly growing domestic microelectronics industry in China.
The discovered flaw allows attackers to bypass the defense mechanisms of modern processors and operating systems even without obtaining administrative privileges. This opens up opportunities for stealing confidential data and violating the privacy of users.
The discovery was made as part of a national program to investigate processor hardware vulnerabilities initiated by the Chinese government in 2021. In addition to NPU, Tsinghua University, the Institute of Microelectronics of the Chinese Academy of Sciences, and the National Computer Incident Response Center (CNCERT) participated in the project.
RISC-V is an open architecture for high-performance microchips and semiconductors. Unlike Intel and AMD's proprietary instructions, RISC-V provides free access and modifiability without restrictions. China sees it as the key to technological independence from Western sanctions in the field of microelectronics.
According to NPU, by the end of 2022, about 50 different models of domestic RISC-V processors were produced in China. They are used primarily in embedded systems, industrial automation, wireless networks, storage systems, and the Internet of Things. However, in the near future, it is expected to expand the use of RISC-V in more "demanding" areas — artificial intelligence, autonomous vehicles, telecommunications and data centers.
The vulnerability affects the open source code of SonicBOOM, which is the basis of many commercial developments of RISC-V chips in China. According to CNCERT, both standalone chips and integrated processor cores in large systems on a chip (SoC) are at risk.
This disadvantage requires increased attention from all manufacturers and market participants of processors based on RISC-V. Of particular concern are reports of possible US sanctions aimed at restricting China's access to RISC-V technologies due to concerns about the rapid transfer of critical know-how.
Such restrictions can affect not only Chinese companies, but also global technology giants with a consumer base in the Middle Kingdom.
An experienced team led by Professor Hu Wei specializes in designing secure hardware architecture, identifying vulnerabilities, and ensuring the security of cryptographic systems.
Processors with different architectures use different approaches to "translate" between the software and hardware layers to achieve maximum performance. Intel and AMD processors with the CISC (Complex Instruction Set Computer) architecture combine several instructions into one more complex one to process fewer instructions in one cycle. In turn, RISC-V follows the concept of RISC (Reduced Instruction Set Computer) and breaks down commands into simpler operations to speed up their execution. This fundamental difference was the reason for the discovered gap in the open source RISC-V code.
