Google Titan
Google developed Titan as a hardware root-of-trust solution for Google Cloud Platform (GCP). Aside from basic secure boot, Titan implements remediation and first-instruction integrity. These features are like functions found in Intel Boot Guard and Project Cerberus.
“Trust can be re-established through remediation in the event that bugs in Titan firmware are found and patched, and first-instruction integrity allows the platform to identify the earliest code that runs on each machine’s startup cycle.”
-- “Titan in depth: Security in plaintext” (cloud.google.com)
Figure 4-10 shows the Titan System Integration diagram. Figure 4-11 shows the Titan Verified Boot flow.

Figure 4-10: Titan System Integration (source: “Titan silicon root of trust for Google Cloud”)

Figure 4-11: Titan Verified Boot(source: “Titan silicon root of trust for Google Cloud”)

Last modified 1yr ago