Open-source software is ubiquitous: Linux is the dominant operating system on servers and supercomputers worldwide, Wordpress powers over 40 percent of all websites, among other major projects. Open-source hardware has existed since the late 1990’s, but has not seen nearly the same level of interest or adoption as its software-focused cousin.
Dominic Rizzo, CEO and founder of start-up zeroRISC, aims to change that. Today, non-profit global security standards consortium GlobalPlatform launched Pavona, where Rizzo will be a governing board chair. The goal of Pavona is to facilitate the adoption of open hardware into all kinds of applications, including tiny IoT devices and massive data centers, by making the elements modular, standardized, and trusted.
Pavona is a new open hardware ecosystem: it provides a starting kit of hardware modules, coupled with reference designs, a set of software tools to streamline adoption in different types of chips, and software tooling to ease integration. It also has a governance structure aimed at lowering the barrier to entry for adding new open hardware designs and collaborating on development.
“I think it’s foundational,” says Andrew “Bunnie” Huang, hacker and founder of Baochip, which is a founding member of Pavona. “We are now at the point where we finally have enough of a nugget of something open that we can spread it around. The outcome of this experiment is going to determine the shape of how we interact with hardware and open source for a long time.”
How open-source hardware differs from open-source software
The main reason open-source hardware hasn’t seen as much of a boom as software is almost too obvious to name: hardware needs to be manufactured, and manufacturing costs money. “Hardware, when it’s built, requires atoms,” Huang says, “which requires logistics and payment.”
At bottom, manufacturing itself is closed source. Because of this, open-sourcing hardware is inherently layered: while the chip fabrication, physical design kit, and foundry process remain closed, layers on top of that, such as the design verification, system architecture, instruction set architecture, and firmware may be open source.
The Pavona ecosystem isn’t meant to deepen the penetration of open source through the layers. Instead, it’s meant to take the available open-source layers and facilitate their adoption and re-purposing into as broad an application set as possible. “A lot of the work we’re putting into in Pavona has to do with the infrastructure and the architecture that connects all this stuff together,” Rizzo says, “so it becomes much more like Legos; so you can use it in one configuration for a small IoT device and in another configuration for some large data center system-on-a-chip.”
Part of making the hardware components more modular is software. Rizzo and his team built what they call an architectural composition engine that serves as a wrapper around the hardware, allowing it to interact with different types of computing cores, be they ARM or RISC-V. This way, a company can integrate the open hardware into their existing architecture without changing the software stack.
Pavona begins with security chip OpenTitan
Pavona’s starting kit of open hardware designs includes components of OpenTitan, a chip that provides a “hardware root-of-trust”, a chip level source of security that serves as a foundation for all secure operations in a computer. They also include extensions of the OpenTitan design that incorporate efficient cryptography that’s safe against possible future attacks from a large-scale quantum computer.
According to OpenTitan’s proponents, security hardware benefits from openness more than other chips, because if anyone can inspect and verify the design, and there is an active community of people stress-testing the hardware, it can become more trustworthy, and therefore more secure. It also makes the process of proving compliance with various regulatory requirements more straightforward.
Rizzo is counting on three factors to drive adoption of these open security chips. The first is the AI boom, which has caused a massive increase in demand for chips of all kinds, not only the GPUs, but also less well-known components like networking cards, monitors, and more. The second is the regulatory push towards transitioning to post-quantum security, which both the U.S. and European governments have legislated to happen by the end of 2030. And third is new regulatory requirements in the European Cyber Resilience Act, which adds new security verification and reporting requirements for products sold in the European market.
“I think those three things together are all driving people in this direction of using secure, open-source silicon,” Rizzo says.
Security hardware may be just the beginning. Pavona is designed to make it as easy as possible to pull in new hardware modules. One need not be a paying member of Pavona to contribute new designs. “We absolutely are rejecting gatekeeping,” Rizzo says.
To increase trust both from individual contributors and large companies, Rizzo and his team developed a governance structure based on large open-source projects from the software world, such as Yocto. Contributing member companies get representation on Pavona’s governing board. However, an independent technical committee makes the high-level technical decisions. This separation of managerial and technical oversight is meant to increase trust and transparency. “People get very discouraged when they feel like, ‘hey, I made a contribution, and then someone made a decision in a hallway somewhere and told us later.’ So this is more consensus based, it’s more discussion based. And so those discussions have to be open,” Rizzo says.
Frank Nagle, the Linux Foundation’s advising chief economist and a research scientist at MIT,says compliance with standards and transparent governance are the keys to adoption of open source technologies. “Having that type of structure in place will hopefully give it a fighting chance and allow it to reach scale, without people being concerned that it’s controlled by any one company.”
The open hardware future
Nagle argues an underappreciated benefit of open source is that it allows private companies to work together, collaborating on core technology while still competing on specialized implementations.
“My favorite example of this I heard from a car manufacturer,” Nagle says. “The seat in your car has a little button that slides your seat backwards and forwards. Nobody’s buying one car rather than another car, because that little toggle is better. But if you didn’t have one of those in your car, then somebody might not buy your car.”
Many technologies fall into the same category as the car seat’s button—technologies that are necessary, but not a differentiator of the product. Security chips are a great example: every piece of hardware needs security, however few have it as their main function. These are the parts that benefit from open-source, Nagle explains.
Collaborating on such hardware may enable cost-savings for chip manufacturers and their customers, making the AI boom more economically sustainable.
Perhaps more importantly, open-sourcing some hardware development can lower the barrier to entry for new people to enter the field. To aid in this quest, Pavona also provides multiple “getting started” guides, software emulation tools, and FPGA code that anyone can download onto a board and get up and running in under ten minutes.
“I want to get more people involved,” says Bunnie Huang. “Particularly young people, particularly new people. Because we need a more robust ecosystem, more new ideas to ensure that we have the ability to maintain these technologies we depend upon.”
From Your Site Articles
Related Articles Around the Web