Comment by TomVDB
7 years ago
As much as I believe that RISC-V will work its up in the embedded space, I don't think many people care about the "chips you can truly trust" argument.
The moment you're talking ASIC (or even FPGA, with an opaque bitstream), it's anybody'd guess what happens whether you use a RISC-V CPU or not. Even if the known CPU is known to be untainted, a tiny, invisible, additional CPU is sufficient to take over the chip and you'd be none the wiser. The area cost of such an additional CPU would be essentially undetectable, less than 0.01mm2 on a modern process.
Unless you're talking about making your ASIC, but in that case, a commercial offering (which typically comes with a source code license) gives you just as much access to review the code for hidden firmware.
Given the possibility of dopant-level backdoors (see https://sharps.org/wp-content/uploads/BECKER-CHES.pdf ), you can't trust a chip you didn't fab yourself even if it passes optical inspection.
But maybe a simple FPGA design would be resistant to this technique if the attacker didn't know the intended bitstream in advance.