At last week’s 10/9 event, the company cited security as one of the three tentpole experiences that it provides to customers. Google has achieved this through its Titan line of custom security chips. After detailing the benefits of the Titan M on the Pixel 3 this morning, Google today published a technical deep dive on the chip.
The second-generation, low-power security model is designed and manufactured by Google. At the supply chain, the company invested in a custom provisioning process to ensure “transparency and control starting from the earliest silicon stages.”
This transparency means Google knows “what’s inside, how it got there, how it works, and who can make changes.” To go a step further, the Titan M firmware source code will be publicly available soon.
While Google holds the root keys necessary to sign Titan M firmware, it will be possible to reproduce binary builds based on the public source for the purpose of binary transparency.
As the chip is physically isolated from the rest of the phone, the Titan M will be immune to side channel attacks like Spectre and Meltdown that devastated the tech industry earlier this year.
Titan M’s processor, caches, memory, and persistent storage are not shared with the rest of the phone’s system, so side channel attacks like these—which rely on subtle, unplanned interactions between internal circuits of a single component—are nearly impossible.
Google also provided a high-level diagram of the ARM Cortex-M3 microprocessor. For comparison, the full Titan chip found in Google’s data centers is on the left in the cover image, with the Pixel 3’s Titan M next to it.
Google notes that it has a foundation for future “higher assurance” functionality that it plans to develop like medical device control, P2P payments, and two-factor authentication. The latter is allowed by the Titan M having direct electrical connections to the Pixel 3’s side buttons, which third-party apps can access for U2F Authentication.