This week, Google revealed OpenTitan, a trust-based Open Source Silicone (RoT) project that can make both the hardware infrastructure and the operating software trusted.
OpenTitan aims at offering high-quality RoT development and implementation standards, which can be used on servers, processing, peripherals and more data centres, and Google has chosen to open it to make it transparent, reliable and safe.
Silicon RoT verifies the secure booting of critical systems components using authorized and verifiable code, says Google
For improve security, Silicon RoT guarantees that a database or computer boots with appropriate firmware, provides a unique machine identity, tamper-resistant protection of secrets such as encryption keys and offers credible, tamper-evident audit recordings and other runtime security.
Technology applications range from server motherboards and network cards to customer devices (like laptops and phones), consumer routers, IoT, and more.
Google’s custom-made RoT chip Titan has helped ensure machines boot from a known trustworthy state with verified code in the Internet giant data center, the company explains.
“As we recognize the importance of anchoring silicon trust, we want to spread the advantages of reliable silicon RoT chips to our customers and the industry together with our partners. We believe that open-source silicon is the best way to achieve this, “said Google.
According to Google, open source silicon can improve trust and security by ensuring transparency in design and implementation, promote innovation through open source design contributions, and offer a choice of implementations while preserving the common interfaces and guarantees for software compatibility.
The OpenTitan project is run by the independent, non-profit organization LowRISC CIC and is funding partners including ETH Zurich, G+D Mobile Security, Google, Nuvoton Technology and Western Digital.
According to Google, transparency is at the heart of a practical silicone RoT model, including an open-source microprocessor, cryptographic co-processors, a hardware random number generator, sophisticated Key Hierarchy, dynamic storage space hierarchies, defense mechanisms, IO peripherals, secure boots, and much more.
OpenTitan is based on three key principles, as explained by the Internet giant, namely transparency, high quality and flexibility. This allows everyone to examine, evaluate and contribute to the design and documentation of OpenTitan while adopters can reduce costs via a RoT silicon design for vendors and platforms.