Performance Implications for Multi-Core RISC-V Systems with Dedicated Security Hardware


  • Samuel Chadwick Airforce Institute of Technology, Wright-Patterson AFB, USA
  • Scott Graham Airforce Institute of Technology, Wright-Patterson AFB, USA
  • James Dean Airforce Institute of Technology, Wright-Patterson AFB, USA


confidential computing, keystone security monitor, performance characterization, physical memory protection, RISC-V, secure enclave, trusted execution environment


The RISC-V instruction set architecture (ISA) is a promising open-source architecture supporting the Open Era of Computing. As RISC-V matures, consumers, industry leaders, and nation states are looking at the potential benefits RISC-V offers –especially for secure systems which may require privileged architecture implementations, physical memory protection (PMP), or trusted execution environments (TEEs) among other hardware-based security primitives. The inclusion of these security technologies unavoidably impacts the performance of any given compute system. To quantify the performance impacts introduced by secure enclave processing, representative computational benchmarks are executed on the Freedom U74-MC System-on-a-Chip (SoC) onboard the HiFive Unmatched development board by SiFive. These benchmarks are conducted across applicable modes of the RISC-V Privileged ISA specification to analyze Privileged ISA and PMP performance implications for Confidential Computing. To evaluate performance impacts, a theoretical model is applied to represent the interactions of the security monitor. The Keystone enclave framework tasks the security monitor with enforcing strict adherence to system security primitives while the Phoronix Test Suite (PTS) captures performance data. Individual benchmarks are conducted both with and without secure enclave technologies to characterize representative performance metrics.