Renode integration with MPACT-Cheriot for secure IoT systems simulation
Published:
Topics: Open simulation, Open source tools
The Capability Hardware Extension to RISC-V for Internet of Things (CHERIoT) project provides a hardware platform built around a modified RISC-V Ibex core, designed for enhanced security through limited access of executed applications to individual components of the system. Developed by a group of commercial and university partners, it implements CHERI (Capability Hardware Enhanced RISC Instructions) for the RISC-V ISA.
The recently introduced MPACT-Cheriot project, developed by Google and built on top of the MPACT-Sim-based MPACT-RiscV ISS, provides an ISS for the CHERIoT architecture, which integrates with Antmicro’s Renode simulation framework for full-system simulation of CHERI-enabled hardware.
While the original article focuses on the details of CHERI support in MPACT-Sim/Cheriot, in this article we will showcase a demo of a complete CHERI-enabled RISC-V platform in Renode utilizing the dedicated Renode plugin.
Renode for full SoC simulation
MPACT-Sim integration with Renode was first developed by Google in collaboration with Antmicro as part of Google’s Open Se Cura project where Renode was used for pre-silicon development and architectural exploration.
For Open Se Cura, Antmicro developed a wide range of OpenTitan Renode peripheral models, which means you can run complete and unmodified software on a simulated platform, including I/O as well as sensor and actuator interaction. With support for a wide range of peripheral models, Renode can help in building your next-gen CHERI-enabled SoC or system.
From a user’s perspective, the MPACT-Cheriot ISS provides three main targets: the standard mpact_cheriot, cheriot_test_rig for integration with the TestRIG RISC-V testing framework, and renode_mpact_cheriot which produces a .so file that can be then used in Renode.
Demo: co-simulation of a complete CHERI-enabled RISC-V platform in Renode
To test Renode’s integration with MPACT-Cheriot, first make sure you have the latest version of Renode. You can either download the pre-built binaries or follow the instructions to build it from source.
Next, you need to download the CHERIoT architecture simulator from the official repository, or get pre-built binaries we provide. Follow the build instructions as described in the README. The shared library librenode_mpact_cheriot.so is the instruction level simulation library, made ready to interface with the Renode framework.
The simulation library will be loaded by the Renode-MPACT plugin to emulate the CPU. You need to clone the repository containing the plugin, but there is no need to build anything - you just need the plugin, which can be loaded at runtime thanks to Renode’s built-in C# compiler features.
Renode supports a large set of I/O and hardware configurations, and uses a description format called .repl to represent the entire hardware platform that the software is expected to run on. You can use a bare-minimum platform such as the one shown below:
cpu: MpactCPU.MpactCheriotCPU @ sysbus
id: 0
cpuType: "Mpact.Cheriot"
endianness: Endianess.LittleEndian
memoryBase: 0x80000000
memorySize: 0x40000
revocationMemoryBase: 0x83000000
clint: IRQControllers.CoreLevelInterruptor @ sysbus 0x02000000
[0,1] -> cpu@[3,7]
frequency: 2000
mem: MpactCPU.MpactPeripheral @ sysbus 0x80000000
baseAddress: 0x80000000
size: 0x10000000
mpactCpu: cpu
uart: UART.NS16550 @ sysbus 0x10000000
wideRegisters: true
This platform consists only of the CHERIoT CPU, platform memory, an interrupt controller (CLINT) and a UART model. If you want to build the CHERIoT RTOS for a different target or add your own board, you will need to update it according to your needs as per the needs of the CHERIoT project.
With the simulation part all set up, all you need is a program to run. There is an extensive list of samples available in the CHERIoT project.
To streamline the development experience, get the existing development container as described in the CHERIoT tutorial:
docker run --rm -it ghcr.io/cheriot-platform/devcontainer:latest
Next, build a sample in the container. For the demo, we are choosing the producer_consumer_compartment sample.
export PATH=$PATH:/cheriot-tools/bin/
cd /home/cheriot/
git clone https://github.com/CHERIoT-Platform/book-examples/ --recursive
cd book-examples/examples/producer_consumer_compartment
xmake
You will need a way to extract the sample outside the container’s filesystem. Consider mounting a directory from the local filesystem when creating the container, or use the docker cp command to extract the binary.
Finally, run these commands inside Renode to execute the demo:
i @mpact-sim/mpact/sim/util/renode/renode_cs/MpactCPU.cs
i @mpact-sim/mpact/sim/util/renode/renode_cs/MpactCheriotCPU.cs
i @mpact.repl
cpu CpuLibraryPath @librenode_mpact_cheriot.so
cpu ExecutableFile @producer-consumer
sysbus LoadELF @producer-consumer
showAnalyzer uart
The expected output will look like the one below:
Consumer: Queue set to 0x80009120 (v:1 0x80009120-0x80009178 l:0x58 o:0xb p: G RWcgm- -- ---)
Consumer: Waiting for messages
Producer: Starting producer loop
Producer: Producer sending 1 to queue
Producer: Producer sending 2 to queue
Producer: Producer sending 3 to queue
Producer: Producer sending 4 to queue
Consumer: Read 1 from queue
Consumer: Read 2 from queue
Consumer: Read 3 from queue
Producer: Producer sending 5 to queue
Producer: Producer sending 6 to queue
Producer: Producer sending 7 to queue
Consumer: Read 4 from queue
Consumer: Read 5 from queue
Consumer: Read 6 from queue
[...]
Renode for secure IoT systems development
Use cases such as CHERIoT or Precursor demonstrate Renode’s capabilities in security-oriented projects, in which the framework’s advanced testing and debugging capabilities play a critical role. By providing a deterministic simulation environment and features such as support for virtual time, Renode can help you ensure your next secure SoC project is thoroughly tested at every stage, even in the pre-silicon development and prototyping stages.
Reach out to us at contact@antmicro.com to discuss how Antmicro can help you benefit from Renode’s versatility, and visit our offering page to learn more about Renode’s capabilities for efficient and secure system development.
