[eb3c90]

I wonder if you can monitor energy usage (with an external chip) and compare it to what is expected to catch major changes.

So for the FPGA you could load it with a risc-v arch and then run that arch through some performance load. If the energy usage has changed a lot it may well be doing something nefarious. Bonus points if you can have a (set of) reference fpga's in the cloud you can compare arbitrary work loads on so that it is harder to predict and be stealthy about nefarious activities.

Use side-channel sources of information, where possible, to drive down the scale of changes possible.

[jacquesm]

I think that at some point in the future 'zero trust' will extend all the way down to the hardware level with individual components exchanging keys or otherwise nothing will happen. There simply won't be a safe perimeter within which you can trust another piece of hardware. And that's probably as it should be because a modern computer is better thought of as a network of - hopefully - collaborating processors than a single CPU with some RAM and peripherals.

Any one of those can be turned against you.

[xobs]

This design does actually have a second external FPGA chip, which is in the "Untrusted" domain. It's running an ICE40UP5K, and acts more as the power management IC that turns the secure domain on and off.