ARM may be partnering with the UK government to create more secure chips, but Google wants the help of the open source community. The company has announced the OpenTitan project, which the company hopes will deliver an ultra-secure Root of Trust chip design that can be used to protect data centres.
While Google is a key component of the OpenTitan project, it won’t be the only tech company contributing. In fact, Western Digital and Giesecke+Devrient, a company known for developing secure banknotes, have also thrown their weight behind the project.
Of course, it’s not all about the companies backing the project, as OpenTitan is open source, meaning it’s available to anyone who wants to poke around and look for security vulnerabilities. While that may sound worrying at first, it should help OpenTitan bolster its security as the open source community can identify issues sooner than the team at Google.
Key to Google’s plans for OpenTitan is the Root of Trust technology, which performs cryptographic functions and has tamper protection to keep devices safe. OpenTitan is based on Google’s in-house Titan chipset, which the company has been using in its own data centres. Google has also used the Titan chip in USB sticks for multi-factor authentication and even in its Pixel smartphone line-up.
The OpenTitan project is managed by the lowRISC CIC, an independent not-for-profit company with a full-stack engineering team based in Cambridge, UK, but other partners will be providing their insight into improving the security of the chip.
If OpenTitan sounds familiar, that’s because this is not the first grouping of companies we’ve seen in the quest for a more secure data centre. Google in particular has been keen to open source its infrastructure designs as part of the Open Compute Project, which is also supported by Facebook and Intel.