joseosyx


Session

06-09
15:40
10min
Memory Protection for MMU-less RISC-V: Current Status of SPMP and vSPMP

As RISC-V expands into embedded critical domains like IoT and automotive, these domains require predictable isolation mechanisms. Traditional MMU-based virtualization is often impractical for these resource-constrained environments due to the latency of page-table walks and significant memory overhead. In contrast, MPU-style region-based protection offers deterministic access checks with minimal footprint, making physical memory protection essential for secure, mixed-criticality systems.

While RISC-V PMP provides such mechanisms at machine privilege level, modern embedded software stacks, including RTOSes, separation kernels, and lightweight hypervisors, require similar capabilities at supervisor level. The proposed Supervisor-mode Physical Memory Protection (SPMP) extensions address this gap by allowing supervisor software to define access permissions over physical memory regions, enabling robust compartmentalization of software components in systems without virtual memory.

Virtualization further increases the need for such mechanisms. Embedded hypervisors are increasingly used to consolidate multiple operating systems or software domains on a single microcontroller-class platform while maintaining strict isolation guarantees. To support this model, SPMP is being extended to interact with the RISC-V Hypervisor extension through a two-stage protection approach (vSPMP), enabling the hypervisor to enforce global isolation while allowing guest operating systems to manage their own protection domains.
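The two-stage idea described above can be modelled in a few lines of C. This is an added illustration, not code from the talk or from the SPMP specifications: the entry layout, the names, the PMP-style rule that the lowest-numbered overlapping entry decides, and the absence of address translation between stages are all assumptions of this sketch.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { PERM_R = 1, PERM_W = 2, PERM_X = 4 };
/* Hypothetical entry: region [base, base + size) with a permission mask. */
struct region { uint64_t base, size; uint8_t perm; };
struct stage  { const struct region *e; size_t n; };

/* One stage: the lowest-numbered entry overlapping the access decides.
 * The access must lie wholly inside it and be permitted; no match denies. */
static bool stage_allows(const struct stage *s, uint64_t addr, uint64_t len, uint8_t need)
{
    if (len == 0 || addr + len < addr)
        return false;                       /* empty or wrapping access */
    for (size_t i = 0; i < s->n; i++) {
        const struct region *r = &s->e[i];
        uint64_t end = r->base + r->size;
        if (addr >= end || addr + len <= r->base)
            continue;                       /* no overlap with this entry */
        bool inside = addr >= r->base && addr + len <= end;
        return inside && (r->perm & need) == need;
    }
    return false;
}

/* Constructed sample tables. Guest: read-only page, RAM, a device window. */
static const struct region guest_e[] = {
    { 0x80001000, 0x1000,  PERM_R },
    { 0x80000000, 0x10000, PERM_R | PERM_W },
    { 0x10000000, 0x1000,  PERM_R | PERM_W },
};
/* Hypervisor: only the first 32 KiB of RAM is assigned to this guest. */
static const struct region hyp_e[] = {
    { 0x80000000, 0x8000, PERM_R | PERM_W | PERM_X },
};
static const struct stage guest = { guest_e, 3 }, hyp = { hyp_e, 1 };

/* Two stages, no address translation: both must allow the access. */
static bool guest_access_ok(uint64_t addr, uint64_t len, uint8_t need)
{
    return stage_allows(&guest, addr, len, need) && stage_allows(&hyp, addr, len, need);
}

int main(void)
{
    printf("%d %d\n", guest_access_ok(0x80000100, 4, PERM_R), guest_access_ok(0x10000000, 4, PERM_W));
    return 0;
}
```

The device window shows the point of the second stage: the guest's own table grants the write, but the hypervisor table has no entry for that address, so the access is denied.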

This talk presents the current status of the SPMP and SPMP for Hypervisor specifications, their architectural design, and their integration with the RISC-V privilege architecture. We will discuss the design rationale, implementation considerations, and potential deployment scenarios in secure IoT microcontrollers and automotive mixed-criticality systems.

Non-Blind submission
Poster Island A