Mr Benini, “Root of Trust” (RoT) solutions are vital to ensuring the security of hardware. But what does this term mean?
Luca Benini: Nowadays, system hardware is increasingly the target of malicious attacks. While software vulnerabilities can be patched relatively quickly, the hardware is much more static. Faults generally go undiscovered for longer and are corrected much later – if at all. RoT refers to a method to validate the integrity of hardware. An RoT solution generally involves a microchip that checks whether a system is behaving as expected.
How does it do that?
Put simply, this works in a similar way to electronic banking with two-way authentication. The system sends a code to the RoT chip, and the chip checks whether the code is correct. If anyone makes changes to the system under observation, the code changes and the chip aborts the process.
And is that what OpenTitan does too?
OpenTitan monitors the computer as it starts up – in what is known as the boot process. Like a newborn baby, a computer requires special protection in the seconds after it is switched on. The “firmware” – that is, the software that controls the boot process – is active before the antivirus software is operational, for example. Many attacks therefore target these first few seconds and attempt to compromise the firmware. If this attempt succeeds, the attackers can take control of the system without being noticed. OpenTitan checks whether the code generated by the firmware matches the expected code. If it doesn’t, the boot process is terminated.
Various companies are already supplying this kind of RoT chip. Isn’t that enough?
The conventional systems are proprietary and require users to put blind trust in a technology they can’t inspect – with OpenTitan we take a much different approach.