Boston-based startup ZeroRISC has raised $5 million in seed funding to develop and deliver its first commercial cloud security service for silicon chips. The funding round, led by Cambridge Angels, a prominent network of U.K. angel investors, included participation from private investors, with Rajat Malhotra of Wren Capital and Pete Hutton, former Arm President of Product Groups, co-leading the deal on behalf of Cambridge Angels.
The capital raised will be used to develop and deliver the first commercial cloud security service for silicon, based on the OpenTitan open-source silicon root of trust (RoT) project. ZeroRISC is a member of the OpenTitan project and provides fabrication-to-field cloud security services that align tightly with the OpenTitan open-source root of trust design. The services cover the entire security lifecycle, from initial configuration and identity creation to secure ownership transfer and in-field device and platform update and management.
Origins of ZeroRISC
Founded in April 2023, ZeroRISC consists of original members of the OpenTitan project team from Google, including CEO Dominic Rizzo. The team formed ZeroRISC when Google made some resourcing decisions that impacted their work on OpenTitan and open-source silicon. They took this as an opportunity and successfully completed the tapeout, referring to the final result of the design process for semiconductor chips, in July 2023. The chips are expected to be received in a couple of weeks.
The OpenTitan project aims to develop trustworthy chip designs for various applications and industries, including consumer devices, data centers, storage, and peripherals. The project is open-source and transparent, allowing anyone to inspect the hardware for security vulnerabilities, contribute to the design, and build trust throughout the entire chain of trust.
The Importance of the Silicon Root of Trust
The silicon root of trust (RoT) is a secure piece of silicon embedded below the operating system that establishes immutable trust at the lowest layers of a system. It attests to the authenticity of the silicon, firmware, and higher-level software, ensuring a firm security foundation for any platform that integrates the chip. The RoT passes measured and validated instructions along to hardware, firmware, or software, continuing the chain of trust from the root.
ZeroRISC’s implementations prioritize transparency and trustworthiness. All operations are authenticated, hardware IP is protected by physical countermeasures, and the design has been extensively reviewed and tested against physical attacks. The company’s goal is to provide a cloud security service for silicon that ensures transparency and trustworthiness for data centers, IoT devices, edge devices, and ICS/OT.
The ZeroRISC platform offers a comprehensive solution encompassing silicon, software, and services. It enables secure device management below the operating system and facilitates secure ownership transfer. ZeroRISC is collaborating with commercial integration partners, with Nuvoton being the first partner.
