{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,26]],"date-time":"2026-02-26T15:25:19Z","timestamp":1772119519562,"version":"3.50.1"},"reference-count":44,"publisher":"Association for Computing Machinery (ACM)","issue":"5","funder":[{"name":"UAE Technology Innovation Institute","award":["101095947"],"award-info":[{"award-number":["101095947"]}]},{"name":"HORIZON CHIPS-Joint Undertaking program"},{"name":"Spoke 1 on Future High-Performance Computing"},{"name":"Italian Research Center on High-Performance Computing, Big Data and Quantum Computing"},{"name":"Ministry of University and Research"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Embed. Comput. Syst."],"published-print":{"date-parts":[[2025,9,30]]},"abstract":"\n The rapid advancement and exploration of open-hardware RISC-V platforms are catalyzing substantial changes across critical sectors, including autonomous vehicles, smart-city infrastructure, and medical devices. Within this technological evolution, OpenTitan emerges as a groundbreaking open-source RISC-V design, renowned for its comprehensive security toolkit and role as a stand-alone system-on-chip (SoC). OpenTitan encompasses different SoC implementations such as Earl Grey,\n \n 1<\/jats:sup>\n <\/jats:xref>\n fully implemented and silicon proven, and Darjeeling,\n \n 2<\/jats:sup>\n <\/jats:xref>\n announced but not yet fully implemented. The former targets a stand-alone SoC implementation; the latter is oriented towards an integrable implementation. Therefore, the literature currently lacks a silicon-ready embedded implementation of an open-source Root of Trust despite the effort made by lowRISC on the Darjeeling implementation of OpenTitan. We address the limitations of existing implementations, focusing on optimizing data transfer latency between memory and cryptographic accelerators to prevent under-utilization and ensure efficient task acceleration. Our contributions include a comprehensive methodology for integrating custom extensions and intellectual properties (IPs) into the Earl Grey architecture, architectural enhancements for system-level integration, support for varied boot modes, and improved data movement across the platform. These advancements facilitate the deployment of OpenTitan in broader SoCs, even in scenarios lacking specific technology-dependent IPs, providing a deployment-ready research vehicle for the community. We integrated the extended Earl Grey architecture into a reference architecture in 22-nm FDX technology node. Then, we benchmarked the enhanced architecture\u2019s performance, analyzing the latency introduced by the external memory hierarchic levels, presenting significant improvements in cryptographic processing speed, achieving up to 2.7\n x<\/jats:italic>\n speedup for SHA-256\/HMAC and 1.6\n x<\/jats:italic>\n for AES accelerators compared with baseline Earl Grey architecture.\n <\/jats:p>","DOI":"10.1145\/3690823","type":"journal-article","created":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T12:09:16Z","timestamp":1725538156000},"page":"1-29","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["Unleashing OpenTitan\u2019s Potential: a Silicon-Ready Embedded Secure Element for Root of Trust and Cryptographic Offloading"],"prefix":"10.1145","volume":"24","author":[{"ORCID":"https:\/\/orcid.org\/0009-0003-7861-9129","authenticated-orcid":false,"given":"Maicol","family":"Ciani","sequence":"first","affiliation":[{"name":"Department of Energy and Information (DEI), University of Bologna","place":["Bologna, Italy"]}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6607-7367","authenticated-orcid":false,"given":"Emanuele","family":"Parisi","sequence":"additional","affiliation":[{"name":"Department of Energy and Information (DEI), Universit\u00e0 di Bologna","place":["Bologna, Italy"]}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-1912-3801","authenticated-orcid":false,"given":"Alberto","family":"Musa","sequence":"additional","affiliation":[{"name":"Department of Energy and Information (DEI), University of Bologna","place":["Bologna, Italy"]}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5155-6883","authenticated-orcid":false,"given":"Francesco","family":"Barchi","sequence":"additional","affiliation":[{"name":"Department of Energy and Information (DEI), University of Bologna","place":["Bologna, Italy"]}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1148-2450","authenticated-orcid":false,"given":"Andrea","family":"Bartolini","sequence":"additional","affiliation":[{"name":"Department of Energy and Information (DEI), University of Bologna","place":["Bologna, Italy"]}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-5755-7402","authenticated-orcid":false,"given":"Ari","family":"Kulmala","sequence":"additional","affiliation":[{"name":"Technology Innovation Institute","place":["Abu Dhabi, United Arab Emirates"]}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6295-5476","authenticated-orcid":false,"given":"Rafail","family":"Psiakis","sequence":"additional","affiliation":[{"name":"Technology Innovation Institute","place":["Abu Dhabi, United Arab Emirates"]}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7495-6895","authenticated-orcid":false,"given":"Angelo","family":"Garofalo","sequence":"additional","affiliation":[{"name":"Department of Energy and Information (DEI), UNIBO","place":["Bologna, Italy"]}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7323-759X","authenticated-orcid":false,"given":"Andrea","family":"Acquaviva","sequence":"additional","affiliation":[{"name":"Department of Energy and Information (DEI), University of Bologna","place":["Bologna, Italy"]}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0651-5393","authenticated-orcid":false,"given":"Rossi","family":"Davide","sequence":"additional","affiliation":[{"name":"Department of Energy and Information (DEI), University of Bologna","place":["Bologna, Italy"]}]}],"member":"320","published-online":{"date-parts":[[2025,9,13]]},"reference":[{"key":"e_1_3_2_2_2","first-page":"2243","volume-title":"31st USENIX Security Symposium (USENIX Security\u201922)","author":"Aliaj Esmerald","year":"2022","unstructured":"Esmerald Aliaj, Ivan De Oliveira Nunes, and Gene Tsudik. 2022. GAROTA: Generalized active root-of-trust architecture (for tiny embedded devices). In 31st USENIX Security Symposium (USENIX Security\u201922). USENIX Association, Boston, MA, 2243\u20132260. https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/aliaj"},{"key":"e_1_3_2_3_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3077977"},{"key":"e_1_3_2_4_2","unstructured":"Thomas Benz Michael Rogenmoser Paul Scheffler Samuel Riedel Alessandro Ottaviano Andreas Kurth Torsten Hoefler and Luca Benini. 2023. A High-performance Energy-efficient Modular DMA Engine Architecture. (2023). arxiv:cs.AR\/2305.05240"},{"key":"e_1_3_2_5_2","doi-asserted-by":"publisher","DOI":"10.1109\/ISCAS46773.2023.10181732"},{"key":"e_1_3_2_6_2","doi-asserted-by":"publisher","DOI":"10.1109\/TCSI.2017.2698019"},{"key":"e_1_3_2_7_2","first-page":"857","volume-title":"25th USENIX Security Symposium (USENIX Security\u201916)","author":"Costan Victor","year":"2016","unstructured":"Victor Costan, Ilia Lebedev, and Srinivas Devadas. 2016. Sanctum: Minimal hardware extensions for strong software isolation. In 25th USENIX Security Symposium (USENIX Security\u201916). USENIX Association, Austin, TX, 857\u2013874. https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technical-sessions\/presentation\/costan"},{"key":"e_1_3_2_8_2","doi-asserted-by":"publisher","DOI":"10.1109\/MECO58584.2023.10154913"},{"key":"e_1_3_2_9_2","doi-asserted-by":"publisher","DOI":"10.1109\/MSSC.2013.2289600"},{"key":"e_1_3_2_10_2","doi-asserted-by":"publisher","DOI":"10.1109\/PATMOS.2017.8106976"},{"key":"e_1_3_2_11_2","doi-asserted-by":"publisher","DOI":"10.2514\/1.I010916"},{"key":"e_1_3_2_12_2","doi-asserted-by":"publisher","DOI":"10.1109\/IWASI.2019.8791364"},{"key":"e_1_3_2_13_2","first-page":"1","volume-title":"2020 IEEE High Performance Extreme Computing Conference (HPEC\u201920)","author":"Ehret Alan","year":"2020","unstructured":"Alan Ehret, Eliakin Del Rosario, Karen Gettings, and Michel A. Kinsy. 2020. A hardware root-of-trust design for low-power SoC edge devices. In 2020 IEEE High Performance Extreme Computing Conference (HPEC\u201920). IEEE, 1\u20136."},{"key":"e_1_3_2_14_2","doi-asserted-by":"publisher","DOI":"10.1145\/3379512"},{"key":"e_1_3_2_15_2","doi-asserted-by":"publisher","DOI":"10.1109\/TVLSI.2017.2654506"},{"key":"e_1_3_2_16_2","doi-asserted-by":"publisher","DOI":"10.1109\/SECON.2018.8479266"},{"key":"e_1_3_2_17_2","unstructured":"Infineon. 2024. APTIGA\u2122 TPM - Trusted Platform Module. (2024). Retrieved February 28 2024 from https:\/\/www.infineon.com\/cms\/en\/product\/security-smart-card-solutions\/optiga-embedded-security-solutions\/optiga-tpm\/"},{"key":"e_1_3_2_18_2","doi-asserted-by":"publisher","DOI":"10.1109\/FPT.2011.6132665"},{"key":"e_1_3_2_19_2","doi-asserted-by":"publisher","DOI":"10.1007\/s41635-020-00108-8"},{"key":"e_1_3_2_20_2","doi-asserted-by":"publisher","DOI":"10.1145\/3342195.3387532"},{"key":"e_1_3_2_21_2","unstructured":"lowRISC. 2024. Open Titan Darjeeling (Integrated Admissible Architecture) Datasheet. (2024). Retrieved February 28 2024 from https:\/\/opentitan.org\/book\/hw\/top_darjeeling\/doc\/datasheet.html"},{"key":"e_1_3_2_22_2","doi-asserted-by":"publisher","DOI":"10.1145\/3458903.3458904"},{"key":"e_1_3_2_23_2","article-title":"Security verification of the OpenTitan hardware root of trust","author":"Meza Andres","year":"2023","unstructured":"Andres Meza, Francesco Restuccia, Jason Oberg, Dominic Rizzo, and Ryan Kastner. 2023. Security verification of the OpenTitan hardware root of trust. IEEE Security & Privacy (2023).","journal-title":"IEEE Security & Privacy"},{"key":"e_1_3_2_24_2","unstructured":"MicroChip. 2024. ATECC608A: CryptoAuthentication\u2122 Device Summary Datasheet. (2024). Retrieved February 28 2024 from https:\/\/ww1.microchip.com\/downloads\/aemDocuments\/documents\/SCBU\/ProductDocuments\/DataSheets\/ATECC608A-CryptoAuthentication-Device-Summary-Data-Sheet-DS40001977B.pdf"},{"key":"e_1_3_2_25_2","doi-asserted-by":"publisher","unstructured":"Andrea Hoeller and Ronald Toegl. 2018. Trusted platform modules in cyber-physical systems: On the interference between security and dependability. In 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). 136\u2013144. DOI:10.1109\/EuroSPW.2018.00026","DOI":"10.1109\/EuroSPW.2018.00026"},{"key":"e_1_3_2_26_2","doi-asserted-by":"publisher","DOI":"10.1145\/3433210.3453112"},{"key":"e_1_3_2_27_2","first-page":"445","volume-title":"2016 IEEE 2nd International Conference on Collaboration and Internet Computing (CIC\u201916)","author":"Ngabonziza Bernard","year":"2016","unstructured":"Bernard Ngabonziza, Daniel Martin, Anna Bailey, Haehyun Cho, and Sarah Martin. 2016. TrustZone explained: Architectural features and use cases. In 2016 IEEE 2nd International Conference on Collaboration and Internet Computing (CIC\u201916). IEEE, 445\u2013451."},{"key":"e_1_3_2_28_2","article-title":"A survey of published attacks on Intel SGX","author":"Nilsson Alexander","year":"2020","unstructured":"Alexander Nilsson, Pegah Nikbakht Bideh, and Joakim Brorsson. 2020. A survey of published attacks on Intel SGX. arXiv preprint arXiv:2006.13598 (2020).","journal-title":"arXiv preprint arXiv:2006.13598"},{"key":"e_1_3_2_29_2","article-title":"Assessing the performance of OpenTitan as cryptographic accelerator in secure open-hardware system-on-chips","author":"Parisi Emanuele","year":"2024","unstructured":"Emanuele Parisi, Alberto Musa, Maicol Ciani, Barchi Francesco, Davide Rossi, Andrea Bartolini, and Andrea Acquaviva. 2024. Assessing the performance of OpenTitan as cryptographic accelerator in secure open-hardware system-on-chips. To appear at 21st ACM International Conference on Computing Frontiers (2024).","journal-title":"To appear at 21st ACM International Conference on Computing Frontiers"},{"key":"e_1_3_2_30_2","doi-asserted-by":"publisher","unstructured":"Emanuele Parisi Alberto Musa Simone Manoni Maicol Ciani Davide Rossi Francesco Barchi Andrea Bartolini and Andrea Acquaviva. 2024. TitanCFI: Toward enforcing control-flow integrity in the Root-of-Trust. In 2024 Design Automation & Test in Europe Conference & Exhibition (DATE). 1\u20136. DOI:10.23919\/DATE58400.2024.10546873","DOI":"10.23919\/DATE58400.2024.10546873"},{"key":"e_1_3_2_31_2","doi-asserted-by":"publisher","DOI":"10.1145\/3291047"},{"key":"e_1_3_2_32_2","unstructured":"Open Compute Project. 2022. Cloud Security: Integrating Trust into Every Chip. (2022). Retrieved February 28 2024 from https:\/\/www.opencompute.org\/blog\/cloud-security-integrating-trust-into-every-chip"},{"key":"e_1_3_2_33_2","unstructured":"RAmbus. 2024. Hardware Root of Trust: Everything You Need to Know. (2024). Retrieved February 28 2024 from https:\/\/www.rambus.com\/blogs\/hardware-root-of-trust\/"},{"key":"e_1_3_2_34_2","first-page":"2177","article-title":"A first look at RISC-V virtualization from an embedded systems perspective","volume":"71","author":"S\u00e1 Bruno","year":"2021","unstructured":"Bruno S\u00e1, Jos\u00e9 Martins, and Sandro Pinto. 2021. A first look at RISC-V virtualization from an embedded systems perspective. IEEE Trans. Comput. 71 (2021), 2177\u20132190. https:\/\/api.semanticscholar.org\/CorpusID:232404313","journal-title":"IEEE Trans. Comput."},{"key":"e_1_3_2_35_2","unstructured":"SiFive. 2024. SiFive Gives WorldGuard to RISC-V International to Make this Robust Security Model More Accessible to the RISC-V Community. (2024). Retrieved February 28 2024 from https:\/\/www.sifive.com\/press\/sifive-gives-worldguard-to-risc-v-international-to"},{"key":"e_1_3_2_36_2","doi-asserted-by":"publisher","unstructured":"Maria Sommerhalder. 2023. Hardware security module. In Trends in Data Protection and Encryption Technologies Valentin Mulder Alain Mermoud Vincent Lenders and Bernhard Tellenbach (Eds.). Springer Nature Switzerland Cham 83\u201387. DOI:10.1007\/978-3-031-33386-6_16","DOI":"10.1007\/978-3-031-33386-6_16"},{"key":"e_1_3_2_37_2","doi-asserted-by":"publisher","DOI":"10.1145\/3605769.3623993"},{"key":"e_1_3_2_38_2","doi-asserted-by":"publisher","DOI":"10.1109\/MM.2019.2898633"},{"key":"e_1_3_2_39_2","doi-asserted-by":"publisher","DOI":"10.1109\/DSD51259.2020.00045"},{"key":"e_1_3_2_40_2","doi-asserted-by":"publisher","DOI":"10.1109\/HCS59251.2023.10254698"},{"key":"e_1_3_2_41_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.mejo.2021.105165"},{"key":"e_1_3_2_42_2","doi-asserted-by":"crossref","unstructured":"Mario Werner Thomas Unterluggauer David Schaffenrath and Stefan Mangard. 2018. Sponge-Based Control-Flow Protection for IoT Devices. (2018). arxiv:cs.CR\/1802.06691","DOI":"10.1109\/EuroSP.2018.00023"},{"key":"e_1_3_2_43_2","doi-asserted-by":"publisher","DOI":"10.23919\/DATE51398.2021.9474214"},{"key":"e_1_3_2_44_2","doi-asserted-by":"publisher","DOI":"10.1109\/TVLSI.2019.2926114"},{"key":"e_1_3_2_45_2","doi-asserted-by":"publisher","DOI":"10.1007\/s11704-019-9096-y"}],"container-title":["ACM Transactions on Embedded Computing Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3690823","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,13]],"date-time":"2025-09-13T13:44:22Z","timestamp":1757771062000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3690823"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,9,13]]},"references-count":44,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2025,9,30]]}},"alternative-id":["10.1145\/3690823"],"URL":"https:\/\/doi.org\/10.1145\/3690823","relation":{},"ISSN":["1539-9087","1558-3465"],"issn-type":[{"value":"1539-9087","type":"print"},{"value":"1558-3465","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,9,13]]},"assertion":[{"value":"2024-03-04","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-08-02","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-09-13","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}