Suggestions very much welcome! Unfortunately, this space does not really have any good open options: certainly, there is no ARM MCU that meets our security constraints and also has open firmware. (Indeed, there is no ARM MCU that I am aware of that has a completely open ecosystem; all of them have some proprietary bits, though some less than others.) Longer term, we are bullish on RISC-V, but it's not there yet with the security features that we need (e.g., a PUF) -- and we are not in the position (yet!) to make our own ASIC. (We took a hard look at using a secure FPGA for our root of trust, but the best solution we found in the space made NXP look downright open.)
Again, suggestions welcome -- and we are very optimistic that our options will be much better in the coming decade!
You might be interested in what Anton Blanchard has been up to with the Power ISA soft cores; it seems like his work has spanned the bulk of the FPGA toolkits, and I think his latest is taped out for the SKY130 run. His work is also being adapted for an OpenBMC replacement, which would offer an opportunity to dust off some old Xzibit templates, so that's good.
Unfortunately, going one layer down, most ASIC tooling is extremely opaque about what it does, and it's hard to share chip designs that are open at all levels (you may have open-source verilog, but the GDSII might have to be closed-source due to vendor NDAs). I suspect that if you have problems with FPGA tooling, you will also have problems with ASIC tooling.
However, the cost of an ASIC on an older node (~65-130 nm) is a lot lower than you think. There are (bad) free design tools, and even older nodes may have open PDKs from foundries (the old scalable CMOS processes).
I have been considering starting up a company to build hardware root-of-trust chips along the lines of Titan/Cerberus, but I don't know if there's enough of a customer base out there to make it a reality.
I'm working with a lot of IoT and more complex autonomous systems, and would really like to have something that'd perform as a local root of trust. The NXP still seems one of the better options, presuming they actually fix the CVE. There are likely others like me as well. If Oxide made an open chip with an appropriate PUF, I'd love to be able to buy it!
Or perhaps the Raspberry Pi folks could be talked into adding one to their Pico boards. ;)
P.S. TI also has TrustZone chips, all NDA-bound, but with various levels of open-source firmware.