By Marc Kavinsky, Lead Editor at IoT Business News.
GlobalPlatform has unveiled Pavona, an open-source chip technology package designed to help hardware engineers incorporate security foundations and next-generation encryption capabilities into both simple and complex connected systems.
For internet-connected devices expected to function reliably for many years, their security features are typically determined during the initial chip design phase—long before manufacturers begin addressing device activation or ongoing management.
Recognizing this reality, GlobalPlatform introduced Pavona, a collaboratively managed open-source chip technology framework that bundles verified security components, a system assembly toolkit, and sample complete system designs. The solution targets diverse hardware applications ranging from cloud computing and artificial intelligence platforms to vehicle control systems and compact IoT gadgets.
Beyond traditional open-source chip components
Pavona differentiates itself through its comprehensive approach. While most open-source hardware initiatives focus on single processing cores or predetermined chip layouts, Pavona offers a flexible library of pre-verified security components paired with an assembly mechanism that enables developers to customize security subsystems for their specific hardware needs rather than adopting rigid predefined solutions.
This flexibility is valuable for IoT applications. Security requirements vary dramatically—a dedicated security chip, a built-in security core within a microcontroller implemented security within a multi-chip system each present distinct engineering challenges. Pavona arrives with two validated reference systems: a dedicated security chip and a unified security core for multi-chip configurations manufactured using TSMC’s advanced 3nm process. This inclusion of production-ready reference designs provides Pavona with a tangible advantage over initiatives that remain theoretical or confined to simulations.
GlobalPlatform additionally notes that Pavona aligns with established security certification standards including FIPS 140-3 and Common Criteria. However, this should not be interpreted as automatic certification for products using the framework. Practically, for manufacturers and chip designers, the benefit is that the underlying architecture supports established security validation processes while product-level testing, integration documentation, and final certification remain the responsibility of the implementers.
Next-generation encryption capabilities embedded in hardware
The second significant aspect involves the security algorithms. Pavona incorporates both traditional and next-generation encryption methods, including standardized ML-KEM and ML-DSA algorithms developed specifically for the quantum computing era. Per the official announcement, collaborative research by ZeroRISC, the Max Planck Institute for Security and Privacy, and Academia Sinica demonstrated 6–9× performance gains for these algorithms on compact hardware, plus 36–75% increases in processing speed with minimal additional chip area. These enhancements are part of the initial Pavona release.
For IoT devices with extended operational lives, the implications are clear: transitioning to quantum-safe security extends beyond mere software updates. When encryption operations need to function efficiently on limited hardware resources, architectural decisions embedded during the design phase become integral to future security migration plans. Pavona doesn’t address challenges for existing deployed devices, but it offers both chip designers and device manufacturers an open foundation for incorporating future-proof security support earlier in the development timeline.
This proves especially crucial for industrial IoT, utility infrastructure, automotive electronics, and critical infrastructure—segments where equipment often operates for periods far exceeding typical consumer device replacement cycles. In these sectors, security foundations capable of supporting both current encryption standards and emerging quantum-resistant methods may help avoid designing hardware based on security assumptions that become outdated.
Collaborative framework and industry significance
Pavona operates under GlobalPlatform’s oversight, originating from its Trusted Open Source Silicon working group. Funding comes from a board of corporate contributors while development direction is managed by an independent Technical Committee. The organizational structure follows successful open-source governance patterns established by projects like Yocto and Zephyr.
The founding coalition spans multiple sectors: Agile Analog, Analog Devices, Baochip, CrossBar, Max Planck Institute for Security and Privacy, Meta, Qualcomm Technologies, SIMPLE Crypto Association, Tenstorrent, University of Oxford, Winbond Electronics, and ZeroRISC. For the connected device sector, this diverse participation matters significantly because widespread secure chip adoption requires more than just accessible components—it demands alignment among chip makers, software communities, standards organizations, and final product companies regarding interfaces and validation approaches viable for commercial use.
Pavona potentially simplifies the process for manufacturers to evaluate security architectures without depending solely on proprietary single-vendor solutions. For system integrators and industrial companies, the effects are more subtle but impactful: equipment constructed using modular, certification-ready security chips may simplify security assessment, verification, and management across varied system deployments. Networking solution providers won’t utilize Pavona identically to chip design teams, but enhanced device-level security foundations can shape how authentication, identity management, and secure device activation are implemented across connected products.
Launching Pavona doesn’t remove the fundamental complexities of secure hardware engineering—system integration, verification, certification, and ongoing support continue demanding substantial effort. However, Pavona’s primary significance lies in unifying open-source chip designs, standards compatibility, and cryptographic future-proofing within a single solution, instead of treating them as separate isolated engineering endeavors.
