The BESSPIN Project

This repository collects all the open source repositories created or extended as a part of Galois's Balancing the Evaluation of System Security Properties with Industrial Needs (BESSPIN) project, part of the DARPA SSITH program. This is an exhaustive list of the resources released as open source, which include a wide range of artifacts ranging from soft-core RISC-V FPGA bitstreams to FETT bug bounty contest web interfaces, and is meant to collect high-level information about those resources in one place. Users of these resources should generally check out only the individual repositories applicable to their interests, rather than the entire (quite large) set represented here.

The following are short descriptions of all the BESSPIN repositories and the resources contained within them; each individual repository contains further documentation about its own contents, in addition to licensing information. The best starting points for new users who want to get something up and running quickly are the BESSPIN-Tool-Suite and BESSPIN-GFE repositories. In the order displayed on GitHub, the repositories are:

• BESSPIN-BMD-2019: source code for the ballot marking device (BMD) that was used in the BESSPIN DEF CON 2019 voting demonstrator (see https://securehardware.org/ for more details).
• BESSPIN-BSC: a fork of an old version of the Bluespec SystemVerilog compiler, used by some of the BESSPIN tools
• BESSPIN-CloudGFE: tools and configurations used in the Amazon Web Services F1 deployment of the BESSPIN GFE platform (see below) and the FETT bug bounty exercise.
• BESSPIN-Demonstrator: source code and documentation for the cyberphysical demonstrator of the SSITH technology
• BESSPIN-Environment: the toolchains, images, and environment variables (managed with the Nix package manager) required to use the BESSPIN Tool Suite and FETT Bug Bounty-related repositories.
• BESSPIN-FETT-AWSHelperService: An AWS Lambda service for terminating long-running AWS F1 instances, part of the FETT bug bounty exercise infrastructure.
• BESSPIN-FETT-Admin-Portal: The administration portal application (written with React) for the FETT bug bounty exercise.
• BESSPIN-FETT-Portal: The participant portal application (written with Node) for the FETT bug bounty exercise.
• BESSPIN-FETT-Portal-AWS-Environment: Scripts to create the AWS CloudFormation templates for the FETT bug bounty exercise.
• BESSPIN-FreeRTOS: the fork of FreeRTOS/FreeRTOS used within the BESSPIN project.
• BESSPIN-FreeRTOS-2019: the snapshot of FreeRTOS that was used in the BESSPIN DEF CON 2019 voting demonstrator (see https://securehardware.org/ for more details).
• BESSPIN-FreeRTOS-Kernel: the fork of FreeRTOS/FreeRTOS-Kernel used within the BESSPIN project.
• BESSPIN-FreeRTOS-Plus-TCP: the fork of FreeRTOS/FreeRTOS-Plus-TCP used within the BESSPIN project.
• BESSPIN-FreeRTOS-RISC-V_Galois_demo: A set of FreeRTOS-based tests for the BESSPIN GFE processors.
• BESSPIN-FreeRTOS-mirror: the fork of coldnew/FreeRTOS-mirror used within the BESSPIN project.
• BESSPIN-GFE: The BESSPIN Government-Furnished Equipment (GFE). This includes all the resources required to run the GFE baseline processors, or other processors for which you have bitstreams, on a Xilinx VCU118 FPGA development board or in simulation using Verilator.
• BESSPIN-GFE-2019: the snapshot of the BESSPIN Government-Furnished Equipment (GFE) that was used in the BESSPIN DEF CON 2019 voting demonstrator (see https://securehardware.org/ for more details).
• BESSPIN-LFS: Binary files (stored as Git LFS objects), including application binaries, OS images, and CPU bitfiles, required to run the BESSPIN Tool Suite tests on FPGA, in emulation, and on AWS F1. This repository is a submodule of every other repository that requires it, and should generally not be checked out on its own.
• BESSPIN-Lando: Parsers and command line tools for the Lando System Specification Language, which was developed to specify systems within the BESSPIN project. Lando is a several-generation descendant of the Business Object Notation (BON).
• BESSPIN-Tool-Suite: The core tool suite used to run the BESSPIN test suite on both GFE and secure processors, and to run SSITH processor-based systems on FPGA, in emulation, and on AWS F1. This repository also includes all hardware and software related to the SSITH Cyberphysical Demonstrator (in the cyberphys directory).
• BESSPIN-UI: A proof-of-concept graphical user interface for the BESSPIN Tool Suite.
• BESSPIN-Voter-Registration: Design documentation for, and implementation of, the voter registration system developed for the FETT Bug Bounty exercise.
• BESSPIN-Voting-System-Demonstrator-2019: source code and design documentation (both software and hardware) for the smart ballot box and accompanying software that was used in the BESSPIN DEF CON 2019 voting demonstrator (see https://securehardware.org/ for more details).
• BESSPIN-arch-extract: The BESSPIN systems architecture extraction and feature model extraction tools.
• BESSPIN-chipyard: The fork of the Berkeley Architecture Research Group's Chipyard framework used within the BESSPIN project.
• BESSPIN-chisel3: The fork of the Chisel3 hardware description language used within the BESSPIN project.
• BESSPIN-chisel_processors: Resources required for implementing the BESSPIN GFE processors on the Xilinx VCU118.
• BESSPIN-clafer: The fork of the Clafer language used by other BESSPIN projects.
• BESSPIN-coremark: The fork of the Coremark benchmark used by other BESSPIN projects.
• BESSPIN-firesim: The fork of the Berkeley Architecture Research Group's FireSim framework used within BESSPIN to build on-premises builds of AFIs for AWS F1 deployment.
• BESSPIN-halcyon: A tool for analyzing information leakage in Verilog hardware descriptions.
• BESSPIN-mibench2: The fork of the MiBench2 benchmark used for evaluating SSITH processors.
• BESSPIN-riscv-boom: The fork of the Berkeley Out-of-Order Machine used within the BESSPIN project.
• BESSPIN-riscv-linux: The fork of the Linux kernel for RISC-V used within the BESSPIN project.
• BESSPIN-riscv-openocd: The fork of OpenOCD, the Open On-Chip Debugger, used within the BESSPIN project.
• BESSPIN-riscv-test-env: The fork of the RISC-V Test Environment used within the BESSPIN project.
• BESSPIN-riscv-tests: The fork of the RISC-V Tests repository used within the BESSPIN project.
• BESSPIN-riscv-timing-tests: A set of RISC-V instruction latency tests developed as part of the BESSPIN project.
• BESSPIN-rocket-chip: The fork of the Chips Alliance Rocket Chip Generator used within the BESSPIN project.

Acknowledgement

This material is based upon work supported by the Defense Advanced Research Project Agency (DARPA) under Contract No. HR0011-18-C-0013. Any opinions, findings, conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of DARPA.

Distribution Statement "A" (Approved for Public Release, Distribution Unlimited)