zeroRISC

How are zeroRISC and #OpenTitan preparing for post-quantum? Check out the second post in our PQC readiness series on adopting SPHINCS+ for OpenTitan’s current-generation “Earl Grey” chips. This deep dive covers: 🔐 How we decided on using SPHINCS+ for secure boot on #OpenTitan's Earl Grey; 🔐 An inside look at preparing an RFC for the OpenTitan approval process; 🔐 Lastly, how the reference implementation was adapted and optimized to suit Earl Grey. Read the blog: https://lnkd.in/dj5HwbXJ #PostQuantum #PostQuantumReadiness #SecureByDefault #SecureByDesign #PQC

A significant vulnerability (CVE-2024-0762) discovered in the Phoenix SecureCode UEFI firmware, affecting Intel Core processors, poses a widespread threat to millions of laptops across various industries. Researchers at Eclypsium warn that this flaw could impact products from major manufacturers like Acer, ASUS, Dell, Fujitsu, HP, Lenovo, and MSI, potentially affecting tens of millions of devices globally. 💻❗ This incident highlights the critical need for #secure-by-design principles in #hardware and firmware development. By prioritizing security at every stage, from design to deployment, businesses can mitigate risks associated with similar #vulnerabilities and protect from #firmware security threats. 🗞️ SC Media details more below: https://lnkd.in/e3VqxeMc #SecureByDesign #SecureByDefaults #FirmwareSecurity #FirmwareVulnerabilities

Post-quantum crypto should be top of mind for anyone interested in future-ready security, especially in silicon where you can't compile your way out of security regrets. Check out @Jade Philipoom's post on implementation considerations for SPHINCS+ (aka SLH-DSA) secure boot in the OpenTitan root of trust (#RoT) chips! https://lnkd.in/efiRAsjH.

🕒 ICYMI: Last week, the National Institute of Standards and Technology (NIST) announced the finalization of three post-quantum cryptographic (PQC) algorithms. Even though Q-Day is years away, the finalization of these PQC algorithms marks the starting point for many to test them on hardware, as the process is extremely time-consuming. A Post Quantum World introduces many threats, including potential attackers forging their own signatures in the early boot process, which provides critical access to fundamentals such as ownership transfer. 🌎 That is why, at #zeroRISC, we have prioritized support for #PQC. 🔗 To keep up-to-date with ongoing PQC readiness efforts, check out our blog series! First blog is out now, detailing implementation considerations for SPHINCS+ (aka SLH-DSA) secure boot in OpenTitan root of trust (#RoT) chips: https://lnkd.in/efiRAsjH #PQC #PostQuantumReadiness #HardwareSecurity #SecureByDefault #SecureByDesign #Cryptography

ICYMI: Dominic Rizzo sat down with Nitin Dahad on the #Embedded Edge Podcast produced by EE Times | Electronic Engineering Times to discuss the role of #open-source security in #IoT and embedded systems and future cybersecurity challenges for chip manufacturers and #IoT leaders 💻 🎧 Listen to the full podcast below: https://lnkd.in/ev2tNvJu

Researchers recently uncovered critical security flaws in Cinterion cellular modems, threatening the #IoT security of devices commonly used in #healthcare 🩺 , industrial 🏗️, automotive 🚘 and other important sectors. According to SC Media, the uncovered critical security flaws permit #remote code execution and #unauthorized privilege escalation in these IoT devices. "The researchers said the flaw lets remote attackers execute arbitrary code via SMS, granting them unprecedented access to the modem’s operating system. Such access also lets attackers manipulate RAM and flash memory, increasing the potential to seize complete control over the modem without authentication." 🗞️ Read more: https://lnkd.in/esiG_HPD #IoTSecurity #IoTFlaw #SecureByDesign #RCE #UPE

An overlooked lesson from the CrowdStrike outage #SecureByDesign #SecureByDefault #SiliconRootofTrust #SRoT

The recent semiconductor chip shortage highlighted significant vulnerabilities in our global supply chains. The impacts of this crisis were far-reaching, affecting industries from consumer electronics to critical infrastructure. In a recent interview with Forbes' Heather Wishart-Smith, P.E., PMP, zeroRISC CEO Dominic Rizzo emphasized the fragility of the #silicon supply chain and the need for open-source silicon chip design to increase #transparency and therefore, security and trust of devices. At zeroRISC, our ambition is a world of universally trustworthy devices enabled by our integrity management platform, guaranteed by a secure silicon enclave in every chip. 🔧 Read the full article here: https://lnkd.in/eQP4abKM #Semiconductor #ChipShortage #SupplyChain #Innovation #SiliconSecurity #zeroRISC #DeviceIntegrity

📢 Strengthening the Silicon Backbone: Addressing Chip Shortages and Security Concerns 🔒 The COVID-19 pandemic exposed the fragility of global semiconductor supply chains, leading to significant shortages from 2020 to 2023. The CHIPS and Science Act of 2022 and private investments aim to boost U.S. chip production and security. However, security remains a critical issue. zeroRISC, leveraging open-source principles from OpenTitan, enhances chip transparency and trust, addressing hidden vulnerabilities. Collaboration across sectors is essential to ensure a resilient and secure digital future. #TechInnovation #SupplyChain #Semiconductors #Cybersecurity #OpenSource #zeroRISC #CHIPSAct #DigitalTransformation Dominic Rizzo Andreas Kuehlmann Building Cyber Security lowRISC CIC Cycuity

Dominic Rizzo, #zeroRISC CEO & Founder, recently sat down with Electronic Design for a discussion on the #OpenTitan Project's latest milestone - the world’s #first commercial-grade open-source chip. 🚀 "While OpenTitan will be the first commercial-grade chip on the market modeled on Linux and other open-source software, Dominic Rizzo, one of the founders of OpenTitan, said he’s confident it will not be the last. Under development for half a decade and based on OpenTitan’s discrete “Earl Grey” chip design taped out in mid-2023, the chip is designed to be a universally accessible hardware root of trust (#RoT)." 🔐 Open source silicon is a game changer for hardware security - establishing #RoT in both the hardware in a system, and the software running on it. 🗞️ Read the full article below: https://lnkd.in/eYyTBiyk #OpenTitanProject #SecureSilicon #HardwareSecurity #OpenSourceSilicon #RoT #SecureByDesign #SecureInnovation