Open martin-lueker opened 4 years ago
@arnonsha @zi-v @sha-ron
it would be great to hear your opinions here.
This is the same question @msfschaffner , @eunchan and I have been discussing. Ideally we would like to maintain a similar coding style and standard across all code, both open source and proprietary.
IMO, guidelines like ‘Secure Hardware Design Guidelines’ (https://docs.opentitan.org/doc/security/implementation_guidelines/hardware/) should not be enforced for propriety IPs. Reasons:
I understand your point Ziv. But for the IPs that are Nuvoton developed and at least visible to Google, I feel like we need to at least come to a compromise on what we should expect.
I think coding style we maybe can waive, but some of the security principles I feel would be similar. Specifically regarding any single bit signals that are potentially vulnerable.
I agree that security needs to be maintained, but there is room for judgement of which 'single bit signals', for example, should be further protected and how. Maybe we should further discuss the details outside the public domain.
I'm adding this to the M3 milestone as it is something we have to conclude by Gold and is work in progress.
Tagging this as a general multi-top issue and removing from PROD M4.
It does not seem to be relevant for Earlgrey-PROD anymore since we did perform security reviews on the flash and OTP wrappers with Nuvoton, and there are no big changes planned.
Follow-on to #367, as brought up by #390. Once we establish a set of RTL coding guidelines for OpenTitan, the question remains as how enforce this in external components.