Chris Frantz at Hardwear USA 2021



Secure Builds for Secure Software





Talk Title:

Secure Builds for Secure Software

Abstract:

The open-source repository is a multi-language repository with both software and hardware IP modules. The components built by the repository include the complete set of on-chip peripherals, including traditional I/O peripherals and purpose-built IP blocks to assist with entropy generation, key derivation and acceleration of cryptographic primitives. The software blocks in the repository include the Mask ROM, ROM Extension, and high-quality software design verification artifacts, as well as host-side tooling to facilitate dev, debug and end-user flows.

Our selection of a build system as it relates to security is primarily concerned with reproducible and auditable builds, which will be of great value in the certification and design-review processes. In particular, we want strongly-enforced dependency management for the low-level software components responsible for securely booting the chip.


Speaker Bio:

Chris Frantz is a veteran of the computer industry with experience in delivering firmware for custom ASICs at industry leaders such as HP and Google. Prior to joining the OpenTitan project, he was responsible for managing and delivering Root-of-Trust firmware to Google's world-wide production infrastructure.