OpenTitan Integrated: A RISC-V Open-Source Silicon Root-of-Trust for large SoCs

Modern System-on-Chips (SoCs) rely on a secure Root of Trust (RoT) as the foundation for all security services. Compromise of the RoT can have catastrophic consequences, undermining the security of the entire system.

This paper presents OpenTitan Integrated, an open-source silicon RoT based on RISC-V specifically tailored for integration into the complex security subsystems of large SoCs. OpenTitan Integrated extends the functionality of the discrete OpenTitan implementation by addressing the specific needs of integrated deployments. Key contributions include:

1. a clear interface trust boundary, defining secure communication paths and preventing privilege escalation;
2. a robust and standardized communication interface, enabling seamless interaction with other SoC components; and
3. a flexible register isolation mechanism, protecting sensitive registers in the system from unauthorized access and modification.

These additions enable secure interaction with other SoC components and prevent unauthorized access, enhancing the overall security posture of the SoC.

Furthermore, OpenTitan Integrated’s open-source nature, available on GitHub under a permissive license, facilitates community review, independent verification, and enhances the overall security and trustworthiness of the design. This collaborative approach allows for rapid identification and mitigation of potential vulnerabilities, leading to a more robust and secure RoT.