Espressif's Guide Offers Easier Risk-Free ESP32-C3 Security Experimentation via the QEMU Emulator

If you want to try out the ESP32-C3's security features with no risk of bricking your hardware, Harshal Patil's guide will get you started.

Espressif's Harshal Patil has offered a guide for anyone looking to experiment with the security features of the company's ESP32-C3 microcontroller without hardware on-hand — using the QEMU emulator instead.

"Espressif has been developing a system-level emulation of RISC-V based ESP32-C3 using QEMU and its latest release supports all the security features for ESP32-C3," Patil explains of the company's work. "Binary compatibility has been maintained to directly run the firmware built for ESP32-C3 target under QEMU. Emulator approach provides an advantage to iterate various security configurations without risk of bricking the hardware. Once the workflow is established under QEMU, it can be easily adapted for the real hardware."

Announced in 2020 following an unintentional leak, the ESP32-C3 was Espressif's first microcontroller to fully embrace the free and open-source RISC-V instruction set architecture — not adopting it for low-power coprocessor tasks as in prior designs but using it for the chip's main microcontroller core, heralding an official shift in focus away from proprietary architectures for all future parts.

In addition to a 32-bit RISC-V core running at up to 160MHz, the part includes 400kB of static RAM (SRAM), 2.4GHz Wi-Fi and Bluetooth 5.0 Low Energy (BLE) radios, and 22 general-purpose input/output (GPIO) pins.

It's the security features, however, on which Patil's guide focuses, working with an existing demonstration to experiment with Secure Boot V2, flash encryption, and non-volatile storage encryption — but rather than working directly with the actual hardware, everything required to run the experiment is emulated in the open-source QEMU.

"The emulator approach surely provides an advantage to iterate over and debug various security configurations and speed up the testing process to finally develop a production-ready configuration that can be tested on the real hardware," Patil explains of the benefits behind the approach, "without the risk of bricking it due to any misconfigurations. We are actively working to enable support for any other remaining peripherals of an ESP32-C3 as well."

The full guide is available on the Espressif blog.

Gareth Halfacree
Freelance journalist, technical author, hacker, tinkerer, erstwhile sysadmin. For hire:
Latest articles
Sponsored articles
Related articles
Latest articles
Read more
Related articles