Google this week announced OpenTitan, an open source silicon root of trust (RoT) project that can help ensure that both hardware infrastructure and the software running on it remain in a trustworthy state.
OpenTitan aims to deliver a high-quality RoT design and integration guidelines that can be used in data center servers, storage, peripherals, and more, and Google decided to open source it to make it more transparent, trustworthy, and secure.
Silicon RoT verifies that critical system components boot securely using authorized and verifiable code, Google explains.
To improve security, Silicon RoT ensures that a server or a device boots with the correct firmware, provides a cryptographically unique machine identity, protects secrets like encryption keys in a tamper-resistant way, and delivers authoritative, tamper-evident audit records and other runtime security services.
Applications for the technology range from server motherboards and network cards to client devices (such as laptops and phones), consumer routers, IoT devices, and more.
Google’s custom-made RoT chip, Titan, has helped ensure that machines in the Internet giant’s data centers boot from a known trustworthy state with verified code, the company explains.
“Recognizing the importance of anchoring the trust in silicon, together with our partners we want to spread the benefits of reliable silicon RoT chips to our customers and the rest of the industry. We believe that the best way to accomplish that is through open source silicon,” Google says.
According to Google, open source silicon can improve trust and security by ensuring the transparency of design and implementation, can encourage innovation through contributions to the open source design, and can offer implementation choice, while preserving a set of common interfac ..