Google Open Source Chip Hardware plans to Thwart Cybercriminals
From its servers to its smartphones, Google uses a proprietary hardware chip called Titan to prevent cyberattacks. In an unusual move, Google plans to open source the hardware which could help it, and many other companies, in the fight against cyberattacks.
Google has been using its Titan chip since 2017. It checks the firmware and software that runs as a device boots and, using cryptography, checks it’s correct. This limits the chance of a device being subject to a boot attack, where a hacker or their software breaches a device early, allowing greater control later.
Working with Swiss university ETH Zurich and Western Digital Google will release its “OpenTitan.” Royal Hansen, VP of security for Google says:
“Open-sourcing the silicon design makes it more transparent, trustworthy, and ultimately, secure.”Royal Hansen, VP of security for Google
Open sourcing software is becoming more and more common. It’s a way to provide cybersecurity and vulnerability transparency for software users and it allows developers to test platforms and identify bugs. It’s far less common for technology companies to open source hardware, making this a bold move for Google.
Google won’t be managing the OpenTitan project however. The already influential technology giant, as per Wired, doesn’t want to be seen to be controlling a project that could alter how chips used in other devices are manufactured. Instead, the project will be managed by non-profit hardware organisation lowRISC. Member of the board Gavin Ferris revealed it has already taken a year and a half to launch OpenTitan and it could be the same amount of time again before the first OpenTitan chips are made.
There are benefits for Google, it might not need to make its own secret chips anymore, but instead be able use OpenTitan chips. Hansen says, “We can use them without making our own,” adding that, “others can use them in the same way, so the trust could be transited and not simply be from one company to the next.”
OpenTitan could result in less-expensive, more secure and more widely available device chips preventing boot attacks. Hansen says:
“Think about all the societal dependence we have on software, all of that somewhere lands in a booted computer. The first instruction is the only way you can be confident in it.”Royal Hansen, VP of security for Google
As cyberattacks increase and become more sophisticated new tactics are needed to fight cybercriminals and prevent fraud, data theft, ransomware attacks, and massive data breaches. One likely trend for the next decade in cybersecurity is more companies working together, or creating initiatives like OpenTitan, to thwart cyberattackers. Such an approach could strengthen the overall security of devices, software, and networks, to the benefit of all.
DataCenterKnowledge suggests that as well as devices, OpenTitan could eventually help protect massive data centers, and Ray Wang, an analyst at Constellation Research says it could be huge for the chip market. Processor makers AMD, Intel, and Arm, all already have their own proprietary hardware protection for their chips. It’s possible that Google hopes to do for chips, what Linux did for operating systems, by open sourcing.