Google LLC today launched OpenTitan, an open-source initiative designed to encourage the development of so-called root-of-trust technology for data center and consumer devices.

When a system is described as having a root of trust, it means there’s a specialized chip or module responsible for blocking hacking attempts. In Google’s latest Pixel 4 phones, for instance, that role is played by the Titan M microcontroller. It’s a tiny processor (pictured) that verifies the integrity of the firmware on the users’ handsets every time they turn them on.

In data centers, meanwhile, the root of trust is often what’s known as a hardware security module, a dedicated appliance that “safekeeps” the encryption keys with which servers scramble sensitive data. Hardware security modules are isolated from the rest of the network and frequently come in a tamper-resistant case.

Through OpenTitan, Google hopes to supply the industry with common technology building blocks for creating root-of-trust products. The search giant is currently developing a purpose-built chip design for the project that uses the popular RISC-V architecture. There are many other components in the works too, including firmware, coprocessors optimized to handle cryptographic tasks and a physical random-number generator for creating encryption keys.

“Open-source silicon can enhance trust and security through design and implementation transparency,” Royal Hansen‎, Google’s head of information security, and OpenTitan lead Dominic Rizzo wrote in a blog post. “Issues can be discovered early, and the need for blind trust is reduced.” They added that freely sharing core technologies can “enable and encourage innovation through contributions to the open-source design.”

Google is actively working to attract an ecosystem of contributors. The company has transferred stewardship of OpenTitan to LowRisc, an industry body affiliated with Cambridge University, and is recruiting outside partners to support development. Initial backers include Western Digital Inc., chipmaker Nuvoton Technology Corp., G+D Mobile Security GmbH and the ETH Zurich research university in Switzerland.

Hansen and Rizzo wrote that the technology produced through OpenTitan will be “helpful for chip manufacturers, platform providers and security-conscious enterprise organizations that want to enhance their infrastructure.”

Any technology that those organizations contribute back to OpenTitan could in turn prove useful for Google. The company uses root-of-trust chips in its Pixel phones, Pixel Slate tablet and, most important, in its data centers to protect servers from attack. 

The promise of more effective security chips may even tempt some of Google’s rivals to join OpenTitan. Apple Inc. ships a homegrown root-of-trust processor called the T2 with certain Mac models, while Amazon Web Services Inc. provides hardware security module features through its cloud platform.

Photo: Google