Google describes OpenTitan as “the first open source silicon root of trust (RoT) project.” OpenTitan is a set of design and integration guidelines for use in server motherboards, network cards, laptops, phones, consumer routers, IoT devices, and so on. The project is managed by lowRISC, an independent not-for-profit company based in Cambridge, with partners ETH Zurich, G+D, Google, Nuvoton, and Western Digital. By open-sourcing the silicon design, the companies hope OpenTitan will be more transparent, trustworthy, and secure.
A root of trust (RoT) is a source that can always be trusted within a cryptographic system. As the name implies, OpenTitan is inspired by Google’s custom-made RoT chip, Titan, which is used to verify that Google’s datacenters boot from a known trustworthy state with verified code. Google and its partners want to spread the benefits of RoT chips to their customers using open source silicon.
“When Google initially saw the industry need for an open source silicon reference design, we knew it would require a mature third-party steward like lowRISC to nurture an open source project of this kind for the community,” Dominic Rizzo, Google’s OpenTitan lead, told VentureBeat. “OpenTitan is independently managed by lowRISC, a not-for-profit firm that uses a collaborative engineering methodology to develop and maintain open source silicon designs and tools for the long term. Along with OpenTitan’s coalition of partners in academia, commercial industries, and not-for-profits, Google is supporting and collaborating with lowRISC and our other partners to build a transparent, high-quality reference design and integration guidelines for silicon roots of trust.”
Google argues that open source silicon is like open source software and can enhance trust and security through design and implementation transparency. The hope is that it will enable and encourage innovation. An open reference design could also provide implementation choice while preserving a set of common interfaces and software compatibility guarantees.
OpenTitan’s engineers are currently building the logical design of a silicon RoT. So far, that includes an open source microprocessor (the lowRISC Ibex, a RISC-V-based design), cryptographic coprocessors, a hardware random number generator, a sophisticated key hierarchy, memory hierarchies for volatile and non-volatile storage, defensive mechanisms, IO peripherals, secure boot, and more. You can see the progress on GitHub.
The OpenTitan project has three key principles:
- Transparency — anyone can inspect, evaluate, and contribute to OpenTitan’s design and documentation to help build more transparent, trustworthy silicon RoT for all.
- High quality — we are building a high-quality logically secure silicon design, including reference firmware, verification collateral, and technical documentation.
- Flexibility — adopters can reduce costs and reach more customers by using a vendor- and platform-agnostic silicon RoT design that can be integrated into datacenter servers, storage, peripheral, and other devices.
The group expects OpenTitan will be helpful for chip manufacturers, platform providers, and security-conscious enterprise organizations. That’s the hope anyway. Google and its partners declined to provide a launch date.