zeroRISC and Nuvoton Technology Corporation announced the availability of the first open-source, commercial chip built on the OpenTitan® secure silicon design. The new chip brings truly trustworthy secure silicon capable of serving as a root of trust (RoT) to the marketplace and is being made commercially available via early access through a partnership with Nuvoton and Winbond. This release is in conjunction with today's historic announcement by lowRISC and the OpenTitan coalition as the first open-source silicon design to reach commercial availability.

Since its inception in 2018, zeroRISC, Nuvoton and winbond have worked closely within the OpenTitan project to develop and ensure the success of the project's first-of-its-kind silicon-proven design. While conventional security starts at the operating system (OS) layer, the most sophisticated, pernicious and trustworthiness target the firmware layer below it and the hardware on which it runs. As such, truly trustworthy security must start below the OS with secure silicon like OpenTitan® and secure-by-design firmware.

Since its founding in April 2023, zeroRISC has focused on open-source development of production-quality OpenTitan-based discrete secure chips as well as secure silicon subsystems that are easily integrated into third-party systems on a chip (SoCs) and chiplets. Additionally, Winbond and zeroRISC are working closely to introduce the integrated OpenTitan SEE equipped with comprehensive support for secure external flash. zeroRISC has found a way to democratize silicon security with the launch of this new commercial chip, according to TIRIAS Research Founder and Principal Analyst Jim McGregor.

"As more sophisticated threat actors increasingly target critical infrastructure, firmware and the supply chain, zeroRISC can better protect billions of connected devices with stronger security that begins below the operating system, bolstered by hardware root of trust technology. This comes at a time when widespread global regulation - including the Biden-Harris Cybersecurity Strategy and the Cyber Resilience Act - highlight vendor responsibility and liability in the event of escalating cyber attacks and breaches," said McGregor.