Betrusted’s Precursor and Renode - a user story
Topics: Open security / safety, Open ISA, Open FPGA IP, Open toolchains
As more and more companies, organizations and educational institutions are using Renode’s hardware simulation and testing capabilities, we get a lot of questions along the lines of “Can I run my board in Renode and how complicated is it?” One such inquiry came our way in some pretty unique circumstances last year when we bumped into Xobs, one of the lead engineers behind the Precursor project, at the last Hackaday Superconference - back in the seemingly distant past when we still had in-person events!
What is Precursor?
Precursor is a mobile, open source FPGA-based development platform for security-oriented applications like crypto wallets and encrypted text and voice chats. The hardware is developed by bunnie whom you may know from other open source projects we work with, like the NeTV2.
Precursor’s main FPGA - a Xilinx Spartan 7 - features the VexRiscv CPU, a very flexible FPGA-friendly RISC-V implementation (see e.g. our article about of the ways in which we use VexRiscv) as well as a number of different peripherals, an LCD screen and a keyboard. There are 8 GPIOs for adding your own modules, e.g. an LTE modem, with the screen, keyboard and bezel also being replaceable. Built with focus on security, it doesn’t have a microphone, its Wi-Fi is hardware sandboxed for safe use with Wi-Fi hotspots, and there’s a self-destruct option for some encryption keys. It is the first stage of the Betrusted project - a secure and private communication system that provides safe defaults for everyday users. Being open source, Precursor is easily inspectable for potential vulnerabilities and quick development of fixes. It is being launched via an ongoing CrowdSupply campaign, which is now close to reaching its goal - we encourage you to get one if you are looking for an FPGA-based platform for RISC-V security.
So what about that encounter at Supercon?
Xobs had already been using simulation in Precursor’s development but was not entirely happy with the results. He wanted to find out how much hassle it would require to run the platform’s firmware in Renode, asking for guidance in using our open source framework. He gave us an SVD file generated by their LiteX config and, to his surprise, within 2 hours we were able to show Renode running exactly the same software as he had run on the Precursor board. This started a very positive relation which eventually led the Precursor team to use Renode for their project.
How Renode is boosting Precursor development
Using their previous simulation approach, the Precursor team ran into some challenges. The rapidly progressing development of gateware made reliable, repeatable and deterministic emulation hard to achieve - adding or modifying a part of the system required writing a lot of code, effectively doubling the original development work.
Renode provided the Precursor team with means to overcome those obstacles and turned out to be vital in developing the core of their Rust-based operating system. What they found especially useful is that configuration is done with .repl files, which are plain text and make it very simple add/remap peripherals. A big part of Renode’s appeal for Precursor was its extensibility and modularity, the ability to add peripherals quickly and without repetitive code, and the ease of integration with other languages, e.g. Python.
The Precursor team described their experience in an article on the project’s CrowdSupply page - if you are interested to learn more, be sure to give it a read!
Renode, RISC-V and security
It is not a coincidence that Precursor has chosen RISC-V as the default CPU for their platform. The open source character of the architecture enables complete transparency, making it easy to backtrack and fix any bugs and potential security holes before the system goes to market. Antmicro is heavily involved in the worldwie ecosystem developing the ISA and polishing its security-oriented features, such as trusted execution environment and cryptography extensions, strengthening its position as a popular choice among designers of secure and reliable systems.
With extensive RISC-V support, Renode offers an ideal platform for developing security-oriented applications, as its robust testing and debugging capabilities help ensure that software is free from security flaws. As a recent example, DornerWorks has used our open source simulation framework to showcase how it can be used to build ultra secure RISC-V systems featuring seL4. Security-oriented custom IP companies like Dover Microsystems are using our framework to prototype and refine their systems together with their customers and in collaboration with Antmicro, thanks to Renode’s open source nature.
The story goes on
More than satisfied with the results achieved so far, the Precursor team will continue to rely on Renode for emulating additional hardware components as the ecosystem is further expanded. With its Continuous Integration-driven testing features and metrics analysis capabilities that enable convenient and effective software development, Renode is used by our customers and partners such as Google, Arm, QuickLogic, Microchip, as well as by open source projects like Zephyr, TensorFlow Lite Micro and in education, improving workflows and widening access to various technologies.