How Secure Are Commercial RISC-V CPUs?
H.2214 | Day 1 | 16:40 - 17:15 | Speakers: Fabian Thomas, Lukas Gerlach
Abstract
The last decade of CPU vulnerabilities has shown how microarchitectural performance optimizations can undermine isolation. Transient execution attacks like Meltdown and Spectre exposed deep flaws in x86 CPUs. RISC-V, by contrast, enters with the promise of simplicity and transparency—a clean slate. Yet the question remains: will we repeat the same mistakes, or can we design a secure architecture from the start?
This talk takes a critical look at how RISC-V implementations handle microarchitectural security today. We show that even "simple" in-order designs already suffer from architectural flaws and powerful side channels. In our earlier work, we demonstrated novel attacks, such as Cache+Time and CycleDrift, on the first commercial RISC-V CPUs, exploiting unprivileged access to instruction-retirement counters and cache-timing leakage.
But manual analysis does not scale. RISCover, our open-source differential fuzzing framework, automatically discovers architectural vulnerabilities across closed-source RISC-V CPUs. By comparing instruction behavior across 8 commercial CPUs from 3 vendors, RISCover found what manual analysis missed: GhostWrite, a bug in T-Head's XuanTie C910 that lets unprivileged code write directly to physical memory, completely bypassing virtual memory isolation. We also discovered multiple "halt-and-catch-fire" sequences that crash CPUs from userspace, leading to denial-of-service.
These findings reveal a pattern: while the RISC-V specification provides strong security primitives (e.g., PMP and cleaner privilege separation), implementations consistently choose insecure defaults—leaving unprivileged timing sources enabled, shipping undocumented vendor extensions like XTheadVec without proper validation, and omitting features to limit speculation. RISC-V is at an inflection point: the architecture is still young enough to fix, but adoption is accelerating fast. The decisions vendors make today—insecure defaults, unvalidated extensions, missing mitigations—will be baked into billions of chips we cannot patch.
Attachments
Speakers
Fabian Thomas is a PhD student at CISPA (Germany), working on microarchitectural security. His research focuses on uncovering architectural CPU vulnerabilities, cache attacks, transient execution vulnerabilities, and other hardware-based attacks and defenses.
I am a PhD candidate at CISPA Helmholtz Center for Information Security in the research group of Dr. Michael Schwarz, where I started in 2023. My research focuses on microarchitectural security, exploring vulnerabilities in modern and emerging CPU architectures.
I work on automated security analysis techniques to discover and understand processor vulnerabilities, with publications at IEEE S&P, USENIX Security, and other top venues. My research spans RISC-V security, automated reverse-engineering of CPU internals, side-channel attacks on trusted execution environments, and compiler-induced cryptographic vulnerabilities.
Links
- GhostWrite Website
- Lukas Gerlach Website
- Fabian Thomas Website
- RISCover Differential Fuzzer Repository
- Security-RISC Repository
- Video recording (AV1/WebM; preferred) - 156.9 MB
- Video recording (MP4; for legacy systems) - 795.2 MB
- Video recording subtitle file (VTT)
- Chat room(web)
- Chat room(app)
- Submit Feedback
External Links
Notice: The placeholder video image is licensed under CC BY-SA 4.0. The original image can be found hereChanges made to the image are: Cropped the image to a new ratio, part of the image was cut off.