Built-in Security at Chip Level

This post is also available in: עברית (Hebrew)

Tech giants and governments alike are increasingly aware of infiltration attempts and the compromise of supply chains in an effort to carry out long-term surveillance or espionage. With hackers deploying sophisticated attacks against operating systems, processors, etc., built-in security is required at the chip level.

A new coalition has initiated a move that would build trustworthy chip designs for use in data centers, storage and computer peripherals, which are both open and transparent, allowing anyone to inspect the hardware for security vulnerabilities and backdoors.

Google has partnered with several tech companies to develop and build the new, collaborative open-source secure chip design project – OpenTitan.

Effectively, OpenTitan will provide a set of design and integration instructions for use in server motherboards, storage devices, peripherals and other bits of hardware, that build upon the security principles used to create Google’s own Titan security chips, as reported by theinquirer.net.

OpenTitan will be platform-agnostic and can be adapted to almost any device or software, Google said.

According to techcrunch.com, critical to the chip’s success is its root-of-trust technology, which cryptographically ensures that the chip hasn’t been tampered with. Root-of-trust provides a solid foundation for the operating system and applications running on the chip.

Google said OpenTitan will be run by LowRisc, a nonprofit community, and will rely on partnerships with ETH Zurich, G+D Mobile Security, Nuvoton Technology and Western Digital to support the project.

It’s not the first project dedicated to building secure chip designs. The Open Compute Project, supported by Facebook, Intel and Google, was created to open-source designs for its core infrastructure servers.

Apple also has its own secure — albeit proprietary — custom silicon, the Apple T2, found in its latest MacBooks.