Recientemente the news broke that Google has partnered with several companies of technology to develop secure and open source chips. The goal of the new coalition is to create chip designs robust for use in data centers, servers and peripherals installed in critical locations.
The project is called OpenTitan, an open source initiative designed to encourage the development of so-called root-of-trust technology for data centers and consumer devices. The company intends to use it on its Android-based smartphones, as well as different hardware security devices.
Google said that OpenTitan will be managed by the LowRisc community. Partners include ETH Zurich, G + D Mobile Security, Nuvoton Technology, and Western Digital.
At the same time, The ability to adapt OpenTitan to almost any device or software is claimed. When a system is described as having a root of trust, it means that there is a specialized chip or module responsible for blocking hacking attempts.
In the past phoneGoogle's Pixel 4, for example, the Titan M microcontroller plays that role. It is a small processor that verifies the integrity of the firmware in users' phones every time they turn them on.
Meanwhile in data centers, the root of trust is often what is known as a hardware security module, a dedicated device that 'protects' the encryption keys with which the servers encrypt confidential data. Hardware security modules are isolated from the rest of the network and often come in a tamper-resistant case.
Through OpenTitan, Google hopes to provide the industry with common technology building blocks for creating trusted root products.
The search giant is currently developing a design specially designed chip for the project using the popular RISC-V architecture. There are also many other components in the works, including firmware, coprocessors optimized to handle cryptographic tasks, and a physical random number generator for creating encryption keys.
«Open source chips can improve trust and security through design and transparency of implementation »
"Problems can be discovered early and the need for blind trust is reduced." They added that freely sharing core technologies can "enable and foster innovation through contributions to open source design." Wrote Royal Hansen, Google's chief information security officer and OpenTitan leader Dominic Rizzo in a blog post.
Google is actively working to attract an ecosystem of contributors. The company has transferred management of OpenTitan to LowRisc, an industry body affiliated with the University of Cambridgey is recruiting external partners to support development.
Hansen and Rizzo wrote that technology produced through OpenTitan will be
"Useful for security-conscious chipmakers, platform providers, and business organizations looking to upgrade their infrastructure."
Any technology those organizations contribute to OpenTitan could prove useful to Google. The company uses trusted root chips in its Pixel phones, Pixel Slate tablet, and most importantly, in its data centers to protect servers from attacks.
The promise of more effective security chips may even tempt some of the rivals Google to join OpenTitan.
Apple Inc. for example has its trusted root processor called T2 with certain Mac models, while Amazon Web Services Inc. provides hardware security module functions through its cloud platform.
For its part, taking advantage of its position in data infrastructure and open source technologies, Western Digital is working with ecosystem partners to optimize the OpenTitan framework to meet the diverse security demands of core-to-edge data-centric storage use cases, including machine learning applications, smartphones, and Internet of Things (IoT) connected devices.
More information about it, this link.