Security begins with secure infrastructure. To have higher confidence in the security and integrity of the infrastructure, we need to anchor our trust at the foundation - in a special-purpose chip.
Today, along with our partners, we are excited to announce OpenTitan - the first open source silicon root of trust (RoT) project. OpenTitan will deliver a high-quality RoT design and integration guidelines for use in data center servers, storage, peripherals, and more. Open sourcing the silicon design makes it more transparent, trustworthy, and ultimately, secure.
The OpenTitan logo
Anchoring trust in siliconSilicon RoT can help ensure that the hardware infrastructure and the software that runs on it remain in their intended, trustworthy state by verifying that the critical system components boot securely using authorized and verifiable code. Silicon RoT can provide many security benefits by helping to:
- Ensure that a server or a device boots with the correct firmware and hasn't been infected by a low-level malware.
- Provide a cryptographically unique machine identity, so an operator can verify that a server or a device is legitimate.
- Protect secrets like encryption keys in a tamper-resistant way even for people with physical access (e.g., while a server or a device is being shipped).
- Provide authoritative, tamper-evident audit records and other runtime security services.
Raising the transparency and security bar
Similar to open source software, open source silicon can:
- Enhance trust and security through design and implementation transparency. Issues can be discovered early, and the need for blind trust is reduced.
- Enable and encourage innovation through contributions to the open source design.
- Provide implementation choice and preserve a set of common interfaces and software compatibility guarantees through a common, open reference design.
The founding partners of the OpenTitan project
OpenTitan is an active engineering project staffed by a team of engineers representing a coalition of partners who bring ideas and expertise from many perspectives. We are transparently building the logical design of a silicon RoT, including an open source microprocessor (the lowRISC Ibex, a RISC-V-based design), cryptographic coprocessors, a hardware random number generator, a sophisticated key hierarchy, memory hierarchies for volatile and non-volatile storage, defensive mechanisms, IO peripherals, secure boot, and more. With OpenTitan, a coalition of partners have come together to deliver a more open, transparent, and high-quality RoT.
A comparison of the major design components of a traditional RoT and an OpenTitan RoT
The OpenTitan project is rooted in three key principles:
- Transparency - anyone can inspect, evaluate, and contribute to OpenTitan’s design and documentation to help build more transparent, trustworthy silicon RoT for all.
- High quality - we are building a high-quality logically-secure silicon design, including reference firmware, verification collateral, and technical documentation.
- Flexibility - adopters can reduce costs and reach more customers by using a vendor- and platform-agnostic silicon RoT design that can be integrated into data center servers, storage, peripheral and other devices.
Participating in the OpenTitan projectOpenTitan will be helpful for chip manufacturers, platform providers, and security-conscious enterprise organizations that want to enhance their infrastructure with silicon-based security. Visit our GitHub repository today.
If you are interested in actively collaborating on OpenTitan to help make secure open source silicon a reality, we encourage you to contact the OpenTitan team. If you would like your product to be considered for a pilot OpenTitan RoT integration, the team would be excited to hear from you.