At HOTCHIPS last year, Google presented its security processor Titan. You can read lots of details at my post Google's Titan: How They Stop You Slipping a Bogus Server into Their Datacenter. Titan provides a silicon root of trust (RoT) and is used in Google's data centers and in its own Android phones.

At the end of that post, I wrote about Open Titan, a plan by Google to move towards open-sourcing a version of Titan.

Titan as described is proprietary to Google, but the basic security mechanisms and the digital implementation are commodities, and good candidates for open-sourcing. So Google is moving towards an open, transparent implementation of a secure root-of-trust, built around a RISC-V processor. It could be implemented in "any" technology, with standard-cells, memories, I/Os, etc, provided either open source or by the foundry, along with foundry-specific blocks such as OTP and flash. Some of the blocks, such the TRNG, require more than digital logic and would depend on an analog implementation (with a digital wrapper). Those blocks have dotted red lines around the blocks in the above diagram. In fact, Google has set up the Silicon Transparency Working Group along with lowRISC, and ETHZurich to drive this project. Eventually, this will be open to anyone (some time next year, probably).

OpenTitan

On Tuesday this week, OpenTitan was officially announced. The project with be run by lowRisc, not by Google. Other partners announced were ETH Zurich, G+D Mobile Security, Nuvoton Technology, and Western Digital.

lowRisc is a non-profit that develops and maintains open-source silicon designs and tools including processor and SoC designs, RISC-V tools, and the LLVM compilers.

ETH Zurich is a technical and engineering university in Zurich, Switzerland. It actually stands for Eidgenössische Technische Hochschule so you can see why they use initials. The PULP family of RISC-V implementations is from Zurich such as Pulpino and Pulpissimo. And the Ibex core, which is a key element of OpenTitan.

You might not have heard of G+D but they are well-known in the security world. Their full name is Giesecke & Devrient. They are the leading manufacturer of sim-cards for mobile phones, with over 3B cards in 80 countries. Since there are about 6B mobile phones in the world, that means about half of them rely on G+D for security. They are also big in automotive security. They are headquartered in Munich, Germany.

Nuvoton is a Taiwan-based microcontroller company.

Western Digital is a leading manufacturer of hard-disk drives (HDDs), solid-state-drives (SSDs), and flash memory (they purchased SanDisk in 2016). They are also committed to transitioning all their products to use RISC-V (over time). They created and open-sourced a high-performance in-order RISC-V processor called SweRV (see my post RISC-V Cores: SweRV and ET-Maxion).

With the increasing awareness that hostile elements might be trying to infiltrate data centers and factories, this announcement is very timely. Or as TechCrunch puts it:

It comes at a time when tech giants and governments alike are increasingly aware that hostile nation states are trying to infiltrate and compromise supply chains in an effort to carry out long-term surveillance or espionage.

The Titan security lead at Google, Dominic Rizzo, emphasized that OpenTitan is work in progress:

OpenTitan should not be considered a finished product by any means; rather, by opening up OpenTitan mid-development, it is hoped that additional partners will sign up, inspect, contribute to, and continue to improve the design.

Silicon

Note that OpenTitan is not a silicon implementation, it is not a chip. It is not even a complete SoC design. As you can see from the block diagram near the start of this post, some blocks are blue meaning proprietary IP that depends on the foundry process, some contain analog elements meaning they require special attention and can't just be synthesized from "open" RTL. However, large parts of OpenTitan, both software and RTL, are open. So any specific implementation still has to design some blocks and assemble the chip, but a lot is already available off the shelf.

More Details

See the OpenTitan website. For details of the hardware, this page gives the specifications of the IP blocks, including the Ibex core, and available verification IP.

 

Sign up for Sunday Brunch, the weekly Breakfast Bytes email.