Cambridge boffins and Google unveil open-source OpenTitan chip – because you never know who you can trust

Jon 37

Re: Applications could include...

Google's application for this is to ensure that their servers are running the software they want them to run, not malware written by state-level attackers. This is a very good thing.

Google open-sourcing it will allow other cloud vendors to use it, which is a good thing. Note that the other cloud vendors will each have their own root of trust for their own servers.

It may also allow companies to use it. Although companies are likely to blindly trust their server manufacturer's root of trust used to sign the firmware from their server manufacturer, and the OS vendor's certificate used to sign the OS image from their OS vendor (MS, Red Hat, Ubuntu, etc), it still provides a much better level of assurance than they had before. This is a good thing.

This chip is unlikely to be used in many consumer devices, because it's there to protect against attacks on the motherboard firmware, and on a locked-down device it's awkward enough to change the firmware that it's not worth worrying about. Unless the attacker knows of a bug, changing the firmware requires connecting wires to the flash chip on the PCB, which is beyond the abilities of most people. The OpenTitan chip would provide protection against state-level attackers who have discovered suitable bugs and want to write their malware to the firmware. However, it's an extra chip and more PCB space, which has a cost, and consumer device and IoT manufacturers will not want to pay extra for security.
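The two-stage chain the comment above describes (root of trust checks the manufacturer-signed firmware, firmware checks the OS vendor-signed image) as an added Go example; it is not part of the original comment or of OpenTitan's own code, and the Ed25519 keys, the hashed-key root and the sample images are assumptions constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Image is a constructed stand-in for a firmware or OS image: bytes, signature, signer's public key.
type Image struct{ Data, Sig []byte; Signer ed25519.PublicKey }

// RootOfTrust models the one value fixed in the chip: a hash of the manufacturer's public key.
type RootOfTrust struct{ ManufacturerKeyHash [sha256.Size]byte }

// VerifyChain checks firmware against the root of trust, then the OS image against an
// OS vendor key the manufacturer has signed (vendorKeySig). Nothing is trusted until checked.
func (r RootOfTrust) VerifyChain(fw Image, vendorKeySig []byte, osImg Image) error {
	if sha256.Sum256(fw.Signer) != r.ManufacturerKeyHash {
		return fmt.Errorf("firmware signer is not the manufacturer key")
	}
	if !ed25519.Verify(fw.Signer, fw.Data, fw.Sig) {
		return fmt.Errorf("firmware signature invalid")
	}
	if !ed25519.Verify(fw.Signer, osImg.Signer, vendorKeySig) {
		return fmt.Errorf("OS vendor key not endorsed by manufacturer")
	}
	if !ed25519.Verify(osImg.Signer, osImg.Data, osImg.Sig) {
		return fmt.Errorf("OS image signature invalid")
	}
	return nil
}

// BuildScenario generates throwaway manufacturer and OS vendor keys and signs constructed sample images.
func BuildScenario() (RootOfTrust, Image, []byte, Image) {
	mfrPub, mfrPriv, _ := ed25519.GenerateKey(rand.Reader)
	osPub, osPriv, _ := ed25519.GenerateKey(rand.Reader)
	fw := Image{Data: []byte("firmware v1 (constructed)"), Signer: mfrPub}
	fw.Sig = ed25519.Sign(mfrPriv, fw.Data)
	osImg := Image{Data: []byte("os image (constructed)"), Signer: osPub}
	osImg.Sig = ed25519.Sign(osPriv, osImg.Data)
	return RootOfTrust{sha256.Sum256(mfrPub)}, fw, ed25519.Sign(mfrPriv, osPub), osImg
}

func main() {
	root, fw, vks, osImg := BuildScenario()
	fmt.Println("clean boot:", root.VerifyChain(fw, vks, osImg))
	osImg.Data[0] ^= 1 // one flipped byte, as any implant would change the image
	fmt.Println("tampered OS:", root.VerifyChain(fw, vks, osImg))
}
```

A firmware image presented with a key other than the manufacturer's fails at the first check, before any signature is even examined, which is the point of hashing the key into the chip.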
