Elementary example programs to test your Sancus distribution.
The following programs showcase the security properties offered by a Sancus processor.
| Security feature | Example program | Comments |
|---|---|---|
| Software module isolation | hello-world | Minimal working example to enable/disable a Sancus module. |
| Secure linking | sensor-reader | Caller/callee authentication between sensor and reader SMs. |
| Remote attestation | sensor-reader | Compute MAC over fresh challenge (nonce). |
| Secure communication | sensor-reader | Authenticated encryption with associated data primitive. |
| Confidential deployment | confidential-loading | SM text section is transparently encrypted at build time. |
| Secure interrupts | timer | Interruption and resumption of an application SM by untrusted ISR software. |
Building upon the above primitives, compiler support has been implemented for the following additional features.
| Compiler feature | Example program | Comments |
|---|---|---|
| Secure memory-mapped I/O | sensor-reader | Assembly driver SM with exclusive ownership over sensor device. |
| Secure interrupt handling | timer-protected | Secure, authenticated interrupt delivery to an intra-SM interrupt handler. |
| Dynamic loading | dynamic-loader | SM binary image is dynamically linked and loaded by untrusted support software at runtime. |
| Intra-SM multiplication | arithmetic | Dummy SMs performing secure (inlined) arithmetic operations. |
| Reactive programming | todo issue #20 | Minimalist (non-contiki) program with SM_INPUT/OUTPUT? |
First, make sure you have a working Sancus distribution. See the sancus-main repository for detailed installation instructions.
All example binaries can be ran in either the Sancus Verilog simulator, or on an external FPGA. To build and run the example in sancus-sim, proceed as follows:
$ make simAlternatively, to upload the example to an FPGA using sancus-loader:
$ make load