Google launches open-source secure chip design project called OpenTitan

The project aims to make chips that are secure enough to be used in data centers, storage, and computer peripherals. (Image credit: Google)

With so much exposure to technology, we’d like to think we’re savvy enough to avoid cyber attacks. But as we’ve seen in recent years, the more sophisticated technology gets, the more sophisticated hackers become, meaning no operating system, firmware, or processor is safe. To fight back, manufacturers have started relying on a “root of trust,” which checks for malicious attacks or any changes every time a system boots up.

While this does offer security improvements, they’re not invincible. Researchers have shown how it’s possible to possible to undermine these chips. So where do we go from here? Google hopes to have their own answer with its latest initiative called OpenTitan.

The project finds Google teaming up with several other tech companies to launch a secure, open-source chip design. The goal of the project is to make trustworthy chip designs that can be used in data centers, storage, and computer peripherals, which are open and transparent, allowing anyone to look at the hardware for security vulnerabilities and backdoors. It's managed and directed by the open-source hardware nonprofit lowRISC CIC.

OpenTitian is centered around Google’s own root of trust chip that can be found in its Pixel 3 and 4 phones. But OpenTitan is not a copy-cut-paste of the now two-year-old chip. Rather, it has its own chip architecture and extensive set of schematics developed by engineers at lowRISC, along with partners at ETH Zurich, G+D Mobile Security, Nuvoton Technology, and Western Digital.

Similar to Linux, OpenTitan is meant to act like a high-quality open-source software project. The team will rely on community feedback and contributions for further developments and improvements on the chip design. This has the potential to get chaotic, which is why lowRISC will manage the project and keep any suggestions and proposed changed from getting out of hand. And, according to Google, the chip can be adapted to almost any device or software.

"Success means it gets much bigger—our goal is everyone can standardize on this," says Urs Hölzle, Google's senior vice president for technical infrastructure. "We think of OpenTitan as the basis of an ecosystem. You don't have to use it exactly one way. ARM and AMD and Intel offer these types of chips, but they’re all opaque. We don’t want to start there, because we can’t verify it."

But Google is going to have some competition, as several other tech companies are designing their own secure chips. The Open Compute Project, supported by Facebook, Intel and Google, was created to open-source designs for its core infrastructure servers in an attempt to get better efficiencies from data center operations. Recently, Microsoft announced its own plan to fight back against cyberattacks. The new hardware and system architecture feature, called secured-core PC, addresses attacks against firmware, which is a big target for hackers. This feature restructures how Windows PCs boot up to detect malicious firmware manipulations before they give attackers access. And, of course, Apple has its own secure chip, the Apple T2 used in its latest MacBooks.

Even with so many eyes on the project, is it guaranteed that OpenTitan will be secure? That remains to be seen. It’s clear Google is using resources to make sure the open-source project doesn’t get out of hand. And some parts of the design won’t be available to the public, such as anything related to intellectual property, chip fabrication, and the physical design kit. But having a project like this open to the public almost invites trouble whether it’s hackers trying to test their skills or people making ridiculous suggestions. It makes you wonder whether it will be too much for Google to handle.

Have a story tip? Message me at: cabe(at)element14(dot)com

http://twitter.com/Cabe_Atwell