Elementary example programs to test your Sancus distribution.
The following programs showcase the security properties offered by a Sancus processor.
Security feature | Example program | Comments |
---|---|---|
Software module isolation | hello-world | Minimal working example to enable/disable a Sancus module. |
Secure linking | sensor-reader | Caller/callee authentication between sensor and reader SMs. |
Remote attestation | sensor-reader | Compute MAC over fresh challenge (nonce). |
Secure communication | sensor-reader | Authenticated encryption with associated data primitive. |
Confidential deployment | hello-world | SM text section is transparently encrypted at build time. |
Building upon the above primitives, compiler support has been implemented for the following additional features.
Compiler feature | Example program | Comments |
---|---|---|
Secure memory-mapped I/O | sensor-reader | Assembly driver SM with exclusive ownership over sensor device. |
Secure interrupt handling | todo | Minimalist program using SM_ISR for GPIO IRQ? |
Dynamic loading | todo | Issue #3 |
Intra-SM multiplication | arithmetic | Dummy SMs performing secure (inlined) arithmetic operations. |
Reactive programming | todo | Minimalist (non-contiki) program with SM_INPUT/OUTPUT ? |
All example binaries can be ran in either the Sancus Verilog simulator, or on an external FPGA. To build and run the example in sancus-sim
, proceed as follows:
$ make sim
Alternatively, to upload the example to an FPGA using sancus-loader
:
$ make load