Stories
Slash Boxes
Comments

SoylentNews is people

Submission Preview

Link to Story

Cambridge boffins and Google unveil OpenTitan: Because you never know who you can trust

Accepted submission by exec at 2019-11-06 01:18:34
News

Story automatically generated by StoryBot Version 0.2.2 rel Testing.
Storybot ('Arthur T Knackerbracket') has been converted to Python3

Note: This is the complete story and will need further editing. It may also be covered
by Copyright and thus should be acknowledged and quoted rather than printed in its entirety.

FeedSource: [TheRegister]

Time: 2019-11-05 14:57:07 UTC

Original URL: https://www.theregister.co.uk/2019/11/05/google_opentitan_soc_riscv/ [theregister.co.uk] using UTF-8 encoding.

Title: Cambridge boffins and Google unveil OpenTitan: Because you never know who you can trust

--- --- --- --- --- --- --- Entire Story Below --- --- --- --- --- --- ---

Cambridge boffins and Google unveil OpenTitan: Because you never know who you can trust

Arthur T Knackerbracket has found the following story [theregister.co.uk]:

OpenTitan – an open-source blueprint for a Root of Trust (RoT) system-on-chip based on RISC-V and managed by a team in Cambridge, UK – was teased by Google along with several partners today.

Hardware RoT is a means of verifying the firmware and system software in a computing device has not been tampered with, enabling features such as secure boot. Hardware RoT can also verify the integrity and authenticity of software updates, and prevent a system from being rolled back to an earlier version with known vulnerabilities. It is the lowest-level security piece in a trustworthy system.

But can you trust the RoT itself? The goal of OpenTitan is to provide an open-source design [github.com] for RoT silicon so that it is (as far as possible) open for inspection.

The OpenTitan SoC will use the RISC-V [riscv.org] open-source CPU instruction set architecture, and will be managed by lowRISC [lowrisc.org], a nonprofit in Cambridge, which has "an open-source hardware roadmap in collaboration with Google and other industry partners," we're told.

Today's announcement [googleblog.com] comes from Google, Western Digital, the ETH Zurich university, chip maker Nuvoton Technology, and friends.

The Apache 2.0-licensed OpenTitan SoC will include the lowRISC Ibex microprocessor design, cryptographic coprocessors, a hardware random-number generator, volatile and non-volatile storage, IO peripherals, and additional defensive mechanisms. It can be used in any kind of device, from servers and smartphones to Internet-of-Things gadgets.

Most of the elements involved in making the OpenTitan system on a chip are open source

The project founder and director is Dominic Rizzo, a Google Cloud engineer. He said OpenTitan has been underway for about two years, and that thanks to the involvement of the aforementioned partners, "almost exactly half of the contributions are coming from outside Google."

According to Rizzo: "Current silicon roots of trust are highly proprietary wherein they claim security but you have to take that as a leap of faith and you can't verify it for yourself. OpenTitan is the first open-source silicon root of trust."

Rizzo said there will also be a certification process for implementers, and integration guidelines for users. A reference implementation will be built by lowRISC.

Who will use OpenTitan? The Titan name comes from the custom silicon [theregister.co.uk] Google uses to secure its servers in its data centres, and according to the team, OpenTitan uses "key learnings from designing Google's Titan chips."

Asked whether it would shift to OpenTitan for servers or Pixel devices, the web giant told The Register "we don't have anything to share about future product plans for Google." Given the Chocolate Factory's sponsorship of the project, it would be reasonable to speculate along those lines.

One of Google's goals is to persuade us of the security of its own systems. Western Digital said it "is working with ecosystem partners to optimize the OpenTitan framework to meet the diverse security demands of data-centric storage use cases from the core to the edge." ®


                                        Sponsored:
                                        Your Guide to Becoming Truly Data-Driven with Unrivalled Data Analytics Performance [theregister.co.uk]
                               

-- submitted from IRC


Original Submission