Researchers at ETH Zurich, together with Google and other partners, have developed a chip called OpenTitan that makes computers more secure.
It’s a small miracle that happens when the start button of a computer is pressed. Startup is controlled by software, but for the software to take control of the hardware, it must first be started from the hardware. This process is called booting. The English verb has meanwhile reached German as well; the Duden explains it with the reference to the English noun «bootstrap», bootstrap. Because the English speakers do not pull themselves on their own head, but on their own boots from the swamp.
After booting, when the computer has come to itself, he has a sense of self. An operating system. This basic software can take care of itself, and it can be careful to run only those programs that the authorized user wants to run. It has an arsenal of weapons to repel intruders. But how can this program defend itself against enemies within? How can this program, which monitors the other programs, know that it can trust itself? It can not know that because it could not monitor the boot process from the start. Where computers are better protected, the boot process must first be secured.
“A booting computer is as vulnerable as a newborn baby,” says Luca Benini. As an ETH professor, he heads the Digital Circuits and Systems Group at the Department of Information Technology and Electrical Engineering . This group, together with Google and other partners, has developed the blueprint for a semiconductor chip to help secure the boot process. This solution, called OpenTitan , was introduced on Tuesday afternoon.
Booting is a multi-step process in which the processor starts a small amount of software after powering on, which then activates more powerful software capable of extracting the operating system from the mire of being powered off and heaving it into main memory. OpenTitan uses public-key encryption techniques to ensure that only software that is secure is used in this process.
A year ago, “Bloomberg Businessweek” caused a stir with an article claiming that Chinese hardware manufacturers incorporated backdoors into their products so that users of those products could be spied on. All the players mentioned in the article, the Chinese manufacturers as well as their American partners – including Amazon, Apple and Super Micro – denied the allegations. Can you believe them? Those who are committed to computer security, can not rely on such protestations. He must assume that everything is insecure, that can not prove that it is safe. This proof can be based on digital certificates as part of a public-key cryptosystem. This way, all actors involved in the boot process can be authenticated, and there is a so-called “chain of trust”. Anchor point of this chain is a piece of hardware, a semiconductor component that monitors the boot process from the beginning.
OpenTitan is such a “root of trust” solution. But it is not the only one. Intel and ARM have installed appropriate protection mechanisms in their processors. There are also specialized chips from smaller manufacturers. Under the name of Titan, Google has developed its own chip, which has been used in the data centers of this American company for two years. This chip uses components of ARM. Amazon (Nitro) and Microsoft (Cerberus) have also poured “trust anchors” into silicon, developing their own chips that they use in their data centers to secure the boot process.
The main innovation of OpenTitan lies in the name component “Open”: The blueprint for this chip is freely accessible under the terms of the Apache 2 license. Anyone can review, revise and customize it for their own purposes without paying royalties. OpenTitan is open source hardware. This not only allows for greater flexibility in use, but also promises better functionality. Because the security of this solution is verifiable, it is based here not on the assumption that cryptographic methods are safe only because its operation is kept secret.
OpenTitan is not a product and not a standard, but an “engineering project”, in which all interested parties could participate, Google writes in a message. The further development of OpenTitan is coordinated by the British nonprofit company Lowrisc . It is likely that Google will soon use the chip in large numbers in its own data centers. In addition, OpenTitan will probably be able to prove itself in peripheral devices and network components as well. It can not be ruled out that OpenTitan will soon be found in mobile computers and smartphones.
The scientists at the Digital Circuits and Systems Group at ETH have been working with open source hardware for many years. The Risc-V project of the University of California at Berkeley plays an important role here. This blueprint of a processor is not protected by patents and can be used freely. One of the driving forces behind Risc-V’s development has been American computer scientist David Patterson, who has pioneered fundamental innovations in computer architecture. Since his retirement, he works for Google.
The flagship project of the Digital Circuits and Systems Group of ETH Zurich is the development of a hardware and software platform for the development of energy-efficient microcontrollers. On this basis – Parallel Ultra Low Power Platform (pulp) – since 2013, various types of processors have been developed, including those that are recommended for security applications. “Pulp is known worldwide and used by many developers,” says Benini. “Because of these successes, Google came to us.” The partnership began about two years ago.
The development of semiconductor components is complicated and expensive. This raises the question of whether universities in this field can even compete with large private companies in the semiconductor industry. “My answer is a clear yes,” says Benini. Thanks to open-source hardware, university researchers today could be more “agile and innovative”. They would not be hampered by “legacies” – the consideration of older products – and they could share their findings with researchers from other groups.
In the 1980s, in the field of software development, the open-source idea was still the concern of a small group of sectarians. Meanwhile, this idea has completely changed the software industry. There is no major software company that can do without open source software. Linux and the Android operating system that emerged from Linux are ubiquitous, for each area of application there are now free alternatives, often they are the preferred or the only choice. The open source hardware follows this trajectory, says Benini. “We are still in the beginning, but I am very optimistic. It’s going to be a big deal, a big deal. “