Unleashing OpenTitan's Potential: a Silicon-Ready Embedded Secure Element for Root of Trust and Cryptographic Offloading

TL;DR

A comprehensive methodology for integrating custom extensions and intellectual properties into the Earl Grey architecture, architectural enhancements for system-level integration, support for varied boot modes, and improved data movement across the platform facilitate the deployment of OpenTitan in broader SoCs, even in scenarios lacking specific technology-dependent IPs.

Abstract

The rapid advancement and exploration of open-hardware RISC-V platforms are driving significant changes in sectors like autonomous vehicles, smart-city infrastructure, and medical devices. OpenTitan stands out as a groundbreaking open-source RISC-V design with a comprehensive security toolkit as a standalone system-on-chip (SoC). OpenTitan includes Earl Grey, a fully implemented and silicon-proven SoC, and Darjeeling, announced but not yet fully implemented. Earl Grey targets standalone SoC implementations, while Darjeeling is for integrable implementations. The literature lacks a silicon-ready embedded implementation of an open-source Root of Trust, despite lowRISC's efforts on Darjeeling. We address the limitations of existing implementations by optimizing data transfer latency between memory and cryptographic accelerators to prevent under-utilization and ensure efficient task acceleration. Our contributions include a comprehensive methodology for integrating custom extensions and IPs into the Earl Grey architecture, architectural enhancements for system-level integration, support for varied boot modes, and improved data movement across the platform. These advancements facilitate deploying OpenTitan in broader SoCs, even without specific technology-dependent IPs, providing a deployment-ready research vehicle for the community. We integrated the extended Earl Grey architecture into a reference architecture in a 22nm FDX technology node, benchmarking the enhanced architecture's performance. The results show significant improvements in cryptographic processing speed, achieving up to 2.7x speedup for SHA-256/HMAC and 1.6x for AES accelerators compared to the baseline Earl Grey architecture.

Figures (11)

• Figure 1: Block diagram of top_earlgrey module, the core digital architecture of Earl Grey SoC.
• Figure 2: Block diagram of the reference heterogeneous architecture.
• Figure 3: This block diagram shows the methodology with which we deployed OpenTitan in our environment. Red boxes represent the source files we adapted/integrated into our implementation; green boxes represent the stages of the framework; purple boxes represent the outputs of the stages.
• Figure 4: This picture shows the block diagram of the Earl Grey wrapper module.
• Figure 5: On the left side it is explained the delegation process where the host populates mailbox's registers (1) with data buffer's location, its size, and a distinctive identifier that outlines the required operation. Then, the host raises the mailbox interrupt towards OpenTitan (2). OpenTitan fetches and decodes the command within the mailbox (3) and load the eventual input payload from the external memory (4). At this point, OpenTitan executes the task (5) and stores eventual outputs (6) back in memory before raising the interrupt to the application processor (7). On the right side ,the memory map of the mailbox is shown.