Where OpenTitan Fits in the System

Host SoC

Less Trusted
Runs main application workloads
Requests security via APIs
Cannot directly access secrets

Communication

SPII²CUART

OpenTitan RoT

Highly Trusted
Isolated security component
Enforces policy decisions
Protects crypto secrets

Clear separation reduces blast radius of host compromise — secrets remain inside the RoT

Previous Slide Next Slide