OpenTitan Now Shipping in Chromebooks: A New Era for Open Source Security Silicon

AI & ML Reporter

Google's OpenTitan, the first open source silicon Root of Trust, is now shipping in commercially available Chromebooks, marking a milestone for transparent, verifiable hardware security.

OpenTitan, the first open source silicon Root of Trust (RoT), is now shipping in commercially available Chromebooks, Google announced today. This milestone marks the culmination of a seven-year collaboration between Google and the open source community to build transparent, verifiable hardware security foundations.

The first OpenTitan part is being produced by Nuvoton, a leader in silicon security. For those unfamiliar with the technology, the Root of Trust is the foundation from which all other security properties of a device are derived. By anchoring this in silicon, OpenTitan provides the strongest possible security guarantees that the code being executed is authorized and verified.

What makes OpenTitan particularly significant is its open source nature. Unlike traditional security silicon where the design remains proprietary, OpenTitan allows anyone to review and test its capabilities with unprecedented transparency. This means you can choose to buy it from a commercial partner or manufacture it yourself based on your use case. The transparency enables optimization for specific needs, whether that's having multiple reliable suppliers or ensuring complete end-to-end control of the manufacturing process.

One of OpenTitan's standout features is its support for post-quantum cryptography (PQC) secure boot based on SLH-DSA. This makes it the first commercially available open source RoT to help future-proof devices against potential adversaries who might break classical public-key cryptography like RSA using quantum computing. As quantum computing advances, this forward-looking approach becomes increasingly critical for long-term device security.

The project has pushed the boundaries of what can be expected from a silicon RoT in other ways too. By applying commercial-grade design verification (DV) and top-level testing to an open source design, the team has achieved the highest quality while maintaining transparency and independent verifiability. The design verification and testing processes are particularly rigorous: both individual IP blocks and the top-level Earl Grey design maintain functional and code coverage above 90%, in line with the highest industry standards, with 40,000+ tests running nightly. This means regressions are caught and resolved quickly, ensuring design quality is maintained over the long term.

Another notable innovation is the ownership transfer approach. This gives confidence that the silicon is working for you and helps move away from co-signing, putting you in full control of your own update schedule. This level of control is particularly valuable for organizations that need to maintain strict security policies.

The OpenTitan project and its community are actively supported and maintained by lowRISC C.I.C., an independent non-profit. This organizational structure ensures the project remains truly open and community-driven rather than being controlled by any single company.

Beyond delivering this first instance of OpenTitan silicon as a product, the project has developed valuable processes along the way. The team prioritized thorough and accurate documentation, together with onboarding materials to streamline welcoming new developers to the project. This focus on accessibility recognizes that any IP is of little value without the ability to navigate and deploy it effectively.

Google and lowRISC pioneered open source security silicon development through OpenTitan. While challenges are expected when doing something for the first time, the benefits of working in open source have been clear: fast and efficient cross-organizational collaboration, retention of expertise regardless of employer, shared maintenance burdens, and high levels of academic research engagement.

Looking ahead, Google has several exciting developments in the pipeline. Bringup to deploy OpenTitan in Google's datacenters is underway and expected to land later this year. The team is also working on a second-generation part that will support lattice-based PQC (such as ML-DSA and ML-KEM) for secure boot and attestation. More information on this is coming soon.

Perhaps most significantly, OpenTitan has demonstrated that the same methodology can be used to develop additional open source designs targeting a wide range of use cases, whether the focus is on security, safety, or elsewhere. IP developed for OpenTitan is already being reused and adapted for Caliptra, a RoT block that can be integrated into datacenter-class SoCs.

The OpenTitan community is rapidly growing. Since the project's public launch in 2019, the number of commits has grown from 2,500 to over 29,200 - more than ten times the original amount. The project now has 275+ contributors to the codebase and 3.2k GitHub stars, demonstrating strong community engagement.

For those interested in getting involved, the team invites you to visit the open source GitHub repository or reach out to the OpenTitan team directly. As open source silicon development continues to mature, OpenTitan represents a significant step toward more transparent, verifiable, and trustworthy hardware security foundations for the devices we rely on every day.
