Security is increasingly essential as device connectivity rises because the larger attack surfaces make it easier for systems to be hacked. The most foundational level of security is a hardware root of trust (RoT). While many chip companies provide RoT in hardware, the proprietary solutions have come under fire for a lack of transparency; companies designing with them must put blind trust in them.
A new group is promising to make it easier for developers to design trusted security into their systems at the metal level by making security more accessible and transparent. The OpenTitan project says it will deliver the first open-source silicon root of trust (RoT) design, setting a new bar for transparency in trusted silicon.
The project brings together a coalition of companies — including ETH Zurich, G+D Mobile Security, Google, Nuvoton Technology, and Western Digital — and is managed by the independent, not-for-profit company lowRISC CIC (Cambridge, U.K.). Using an evolution of Google’s Titan chip and a RISC-V core from ETH Zurich, the group aims to deliver a more open, transparent, and high-quality RoT that will anchor trust in silicon for critical system components.
OpenTitan said its approach will deliver a radical level of transparency, opening virtually everything, right up to the “foundry boundary.” Staffed by engineers representing the partners, the group is transparently building the logical design of a silicon RoT, including an open-source microprocessor (the lowRISC Ibex, a RISC-V-based design from ETH Zurich), cryptographic coprocessors, a hardware random-number generator, a sophisticated key hierarchy, memory hierarchies for volatile and nonvolatile storage, defensive mechanisms, I/O peripherals, and secure boot. OpenTitan said it will deliver a high-quality RoT design and integration guidelines for use in data center servers, storage, peripherals, and other devices.
Open sourcing the silicon design makes it more transparent, trustworthy and, ultimately, secure. A silicon RoT can help ensure that the hardware infrastructure and the software that runs on it remain in their intended, trustworthy state by verifying that the critical system components boot securely using authorized and verifiable code. It helps ensure that a server or a device boots with the correct firmware and hasn’t been infected by a low-level malware, and it provides a cryptographically unique machine identity so an operator can verify that a server or a device is legitimate. It also protects encryption keys from tampering, even by those with physical access to a product (during shipment, for example), and provides authoritative, tamper-evident audit records and other runtime security services.
“System integrity should be anchored in silicon,” said Google Cloud’s OpenTitan lead, Dominic Rizzo, speaking at the project’s launch event. “At Google, we built our own silicon root of trust with the Titan family of chips. This was proprietary to Google. We learned a lot from integrating it into our data centers, such as the importance of transparent integration and instruction integrity. This was great for our customers but [was] proprietary, as were other roots of trust. So OpenTitan is designed to be open and flexible.” With OpenTitan, he added, designers’ “blind trust is no longer necessary.”
Why open source?
OpenTitan founding partners (Image: OpenTitan)
In a typical implementation, the RoT is interposed physically between the boot processor in the system and the nonvolatile ROM or flash that contains the initial boot firmware. The RoT can therefore validate the integrity of the firmware as it is being read by the boot processor before the system is allowed to boot. The RoT can also provide a path to recovery if latent firmware bugs permit some compromise to occur. The RoT module typically comes in the form of a separate chip or intellectual property embedded in a system-on-chip.
A silicon RoT can be used in server motherboards, network cards, client devices (such as laptops and phones), consumer routers, and IoT devices. Google has relied on its custom-made RoT chip, Titan, to ensure that machines in Google’s data centers boot from a known trustworthy state with verified code.
Google said, “Recognizing the importance of anchoring the trust in silicon, together with our partners we want to spread the benefits of reliable silicon RoT chips to our customers and the rest of the industry. We believe that the best way to accomplish that is through open-source silicon.”
According to Richard New, Western Digital’s vice president of research and development, all RoT chips in use today are proprietary. “Because implementations are opaque, there is no way for an end user to independently verify the quality of the RoT chip’s architecture, firmware, or hardware design. This means that the end user of any such device needs to trust that the designer of the RoT has implemented it correctly and not introduced any errors.”
The argument made by OpenTitan is that an open-source silicon RoT has similar benefits to open-source software. It enhances trust and security through design and implementation transparency, with the ability to discover issues early, and reduces the need for blind trust. The community aspect means innovation is enabled and encouraged through contributions to the open-source design. And while it’s not promoted as a standard, it can help provide implementation choice and preserve a set of common interfaces and software compatibility guarantees through a common, open reference design.
OpenTitan expects to deliver a radical level of transparency, opening virtually everything, right up to the “foundry boundary.” (Image: OpenTitan)
The OpenTitan approach is rooted in three key principles: transparency, quality, and flexibility. Anyone can inspect, evaluate, and contribute to OpenTitan’s design and documentation to help build a transparent, trustworthy silicon RoT. The group is building a high-quality, logically secure silicon design, including reference firmware, verification collateral, and technical documentation. As for flexibility, OpenTitan said adopters can reduce costs and reach more customers by using a vendor- and platform-agnostic silicon RoT design that can be integrated into data center servers, storage, peripherals, and other devices.
Speaking at the press conference, Gavin Ferris, co-founder and board member at lowRISC, said, “We are about 40% to 50% done with the reference design.”
Western Digital’s New said OpenTitan “will be a significant part of our strategy. Our company has a long history in contributing to open source, such as Linux and RISC-V. Open source is the natural path industry needs to take.” He said Western Digital’s view is that the most secure solutions are based on open and inspectable implementations combined with transparent policies and security practices. “Specifically, this means that the best security architectures will be those that are, to the greatest extent possible, open to and inspectable by everyone. This is a noncontroversial view in security circles, but unfortunately one that is not widely followed in practice.
“OpenTitan has the potential to disrupt the proprietary development model and provide an open and inspectable high-quality RoT reference design for the industry at large.”
So what do others in the industry think? “The RoT is a critical part of the IoT,” John Moor, managing director of the IoT Security Foundation, told EE Times Europe. “A major impediment to security is cost, so having an open-source RoT would be helpful.” But he cautioned the need for due diligence on the open-source design. “If it genuinely has scrutiny, it’s a good thing,” he said, adding that having the power of Google behind the effort is probably another good thing.
Andy Hopper, the chairman of lowRISC and a veteran of the computing industry who founded the precursor to Arm back in 1978, said, “The silicon root of trust is too important a foundational security technology to be proprietary. The OpenTitan project is another example of how open-source development encourages innovation and serves greater interests by creating a truly trustworthy piece of silicon. As someone involved in the computer science and hardware industry for several decades, I’m encouraged to see companies working in a more collaborative and transparent fashion with researchers and the open-source community to continue innovating in a post-Moore’s Law world.”
Haydn Povey, another veteran of the chip world and a member of the IoT Security Foundation’s executive steering board, emphasized the “need to make people more aware of the need for a RoT, whether it’s open-source or proprietary.” Povey, who is CEO and founder of Secure Thingz and previously was responsible for security at Arm, added, “Security is never going to be perfect, but it’s vital to have people thinking about security to ensure there are no gaps in thinking. Open source done right can actually be more secure.”
Security is the next major wave of computing, from the “edge to the enterprise,” Povey said. He did not have full details on OpenTitan but said it looked like a major step forward in open-source computing system security.
>> This article was originally published on our sister site, EE Times Europe.