ZeroRISC Secures $5M Investment to Develop Commercial OpenTitan-Based Cloud Security Solutions for Semiconductors

ZeroRISC Secures $5 Million Seed Funding for OpenTitan-Based Cloud Security Service

Boston-based startup ZeroRISC has successfully raised $5 million in seed funding to launch its first commercial cloud security service for silicon chips, utilizing the OpenTitan open-source silicon root of trust (RoT) project. The funding round was spearheaded by Cambridge Angels, a notable network of U.K. angel investors, with contributions from private investors including Rajat Malhotra of Wren Capital and Pete Hutton, the former President of Product Groups at Arm.

The funds will be utilized to develop the inaugural cloud security service tailored for silicon, according to CEO Dominic Rizzo. ZeroRISC has also joined the OpenTitan project, enhancing its commitment to providing fabrication-to-field cloud security services integrated with the OpenTitan RoT design. These services span from initial configuration and identity creation to secure ownership transfer and in-field device management.

Founded in April 2023, ZeroRISC comprises original members from Google’s OpenTitan project team. Recent staff changes at Google prompted the team to seize the opportunity to fundraise amidst the challenges posed by Silicon Valley Bank's turmoil. Rizzo noted that they have successfully completed the tapeout process and expect to receive their chips shortly.

OpenTitan aims to create an open silicon ecosystem by fostering collaboration on trustworthy chip designs for consumers, data centers, storage, and peripherals. This initiative enables transparency, allowing users to inspect hardware for security vulnerabilities and contribute to its development. The OpenTitan model ensures a robust root of trust for any platform integrating its technology, capable of attesting the silicon, firmware, and higher-level operating systems.

“This is 100% open-source oriented so no one company can dominate it,” Rizzo stated, emphasizing the project's independence and transparency.

Understanding Root of Trust in Cybersecurity

The silicon root of trust (RoT) serves as the foundational anchor for all operations within a platform. Acting beneath the operating system, it validates the authenticity of the silicon, its firmware, and the software layers above it. By establishing immutable trust at the system's core, it creates a chain of trust that extends throughout the entire firmware and software stack.

ZeroRISC's architecture is inherently secure by default, ensuring that all software and services are rooted in a reliable silicon RoT. The design has been rigorously reviewed against physical attacks, safeguarding hardware intellectual property and enabling secure device management and ownership transfer.

In partnership with integration firm Nuvoton, ZeroRISC will deliver a comprehensive platform that emphasizes transparency and trustworthiness in cloud security for data centers and edge devices.

The Innovative OpenTitan Framework

OpenTitan represents the world’s first open-source digital design for silicon RoT, complete with commercial-grade verification and continuous integration. The RoT reinforces hardware and software integrity by employing authorized and verifiable code during boot processes. As an active participant in the OpenTitan project, ZeroRISC contributed to the initial discrete silicon tapeout and is focused on transitioning the chip to commercial production.

With evolving cybersecurity liabilities shifting toward manufacturers, leveraging OpenTitan’s design offers significant commercial potential. As investor Pete Hutton highlighted, ZeroRISC’s expert team is poised to disrupt the proprietary industry landscape.

Looking ahead, ZeroRISC plans to emphasize open-source development, integrating high-quality RoT solutions while creating a secure, embedded operating system written in Rust, designed to ensure strict isolation between applications.

The company’s first market-ready chip will feature defenses against physical attacks and support for post-quantum secure boot, adhering to industry certification standards from the outset.

"No system can be secure at the operating system level," Rizzo asserted. "Our mission is to advance OpenTitan's remarkable work by delivering a transparent, trustworthy silicon platform that facilitates secure ownership transfer and extends zero trust principles back into the supply chain."

Nuvoton recognizes the surging demand for silicon RoT solutions and is eager to collaborate with ZeroRISC, leveraging OpenTitan to address complex security challenges through comprehensive end-to-end solutions. Together, they aim to redefine the landscape of silicon security. ZeroRISC currently employs a dedicated team of 14 experts.