“Shield is not just a block that performs security, but a system based on the silicon root of trust, manufacturing, hardware IP blocks, software libraries, and encryption engines,” says @cdemerjian @semiaccurate.
https://semiaccurate.com/…/sifive-unveils-shield-security-…/
Like other products, it is completely open and approved by SemiAccurate.
Shield is not just a block that performs security, but a system based on the silicon root of trust, manufacturing, hardware IP blocks, software libraries, and encryption engines. There are many moving parts in Shield. Let’s look at some of them in detail.
The slide shows much of what Shield covers. Existing bits like PMP / PMA (Platform Memory Protection / Platform Memory Access) define what the core can see and access on the memory front, but these only know what the core itself is doing. Cache attack protection is enhanced against Spectre / Meltdown type attacks and covers different attack vectors.
SiFive Shield threat model