Access and Feeds

Hardware: Open-Source Silicon Root of Trust (RoT)

By Dick Weisinger

Secure systems are built on secure infrastructure, and to build a secure infrastructure, it is important that there is trust in the firmware used in the system.

Root of Trust (RoT) is trust placed in the system boot process that core elements of the system are secure. During the boot process, a system can validate the authenticity and machine state. This approach avoids rootkit and bootkit hacking attacks. Increasingly, to prevent hacking of the core system, system boot up instructions are moved into the firmware of hardware to ensure that it can’t be modified, a technique known as silicon root of trust.

Silicon RoT can be used in network cards, motherboards, routers, and IoT devices. HPE has developed a proprietary silicon Root of Trust that it is adding to its servers.

In late 2019, Google introduced OpenTitan, an open-source project that provides the blueprint for a silicon root of trust, a plan designed to avoid vendor lock-in.

OpenTitan: Google’s Open Source Silicon Root of Trust

Dominic Rizzo, Google Titan Security Lead, said that “current silicon roots of trust are highly proprietary and they claim security but you really have to take that as a leap of faith and you can’t verify it for yourself. For the first time, you can establish trustworthiness without the blind trust required of proprietary root of trust designs. So the foundation isn’t just strong, it’s inspectable… OpenTitan is a radical design transparency versus the status quo.”

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Leave a Reply

Your email address will not be published. Required fields are marked *